Sfoglia il codice sorgente

Local backup for hubzilla

Bob Mottram 9 anni fa
parent
commit
7afd0e27a4
No account linked to committer's email
1 ha cambiato i file con 371 aggiunte e 362 eliminazioni
  1. 371
    362
      src/freedombone-app-hubzilla

+ 371
- 362
src/freedombone-app-hubzilla Vedi File

@@ -41,380 +41,389 @@ HUBZILLA_COMMIT='2d79e75788aa71664a379c4cea0b6bfe3ab87ad0'
41 41
 HUBZILLA_ADDONS_COMMIT='67b40c7a40f328a93ee030eb15e9e1261f3cba64'
42 42
 
43 43
 function upgrade_hubzilla {
44
-	if ! grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
45
-		return
46
-	fi
47
-	HUBZILLA_PATH=/var/www/$HUBZILLA_DOMAIN_NAME/htdocs
48
-
49
-	function_check set_repo_commit
50
-	set_repo_commit $HUBZILLA_PATH "Hubzilla commit" "$HUBZILLA_COMMIT" $HUBZILLA_REPO
51
-	set_repo_commit $HUBZILLA_PATH/addon "Hubzilla addons commit" "$HUBZILLA_ADDONS_COMMIT" $HUBZILLA_ADDONS_REPO
52
-	if [ -d $HUBZILLA_PATH/redmatrix-themes1 ]; then
53
-		cd $HUBZILLA_PATH/redmatrix-themes1
54
-		git stash
55
-		git pull
56
-		cp -r $HUBZILLA_PATH/redmatrix-themes1/* $HUBZILLA_PATH/view/theme/
57
-		chown -R www-data:www-data $HUBZILLA_PATH
58
-	fi
44
+    if ! grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
45
+        return
46
+    fi
47
+    HUBZILLA_PATH=/var/www/$HUBZILLA_DOMAIN_NAME/htdocs
48
+
49
+    function_check set_repo_commit
50
+    set_repo_commit $HUBZILLA_PATH "Hubzilla commit" "$HUBZILLA_COMMIT" $HUBZILLA_REPO
51
+    set_repo_commit $HUBZILLA_PATH/addon "Hubzilla addons commit" "$HUBZILLA_ADDONS_COMMIT" $HUBZILLA_ADDONS_REPO
52
+    if [ -d $HUBZILLA_PATH/redmatrix-themes1 ]; then
53
+        cd $HUBZILLA_PATH/redmatrix-themes1
54
+        git stash
55
+        git pull
56
+        cp -r $HUBZILLA_PATH/redmatrix-themes1/* $HUBZILLA_PATH/view/theme/
57
+        chown -R www-data:www-data $HUBZILLA_PATH
58
+    fi
59 59
 }
60 60
 
61 61
 function backup_local_hubzilla {
62
-	echo ''
62
+    echo $"Backing up Hubzilla"
63
+
64
+    function_check backup_database_local
65
+    backup_database_local hubzilla
66
+
67
+    function_check backup_directory_to_usb
68
+    backup_directory_to_usb /root/temphubzilladata hubzilladata
69
+    backup_directory_to_usb /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs hubzilla
70
+
71
+    echo $"Hubzilla backup complete"
63 72
 }
64 73
 
65 74
 function backup_remote_hubzilla {
66
-	echo ''
75
+    echo -n ''
67 76
 }
68 77
 
69 78
 function remove_hubzilla {
70
-	if ! grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
71
-		return
72
-	fi
73
-	nginx_dissite $HUBZILLA_DOMAIN_NAME
74
-	if [ -d /var/www/$HUBZILLA_DOMAIN_NAME ]; then
75
-		rm -rf /var/www/$HUBZILLA_DOMAIN_NAME
76
-	fi
77
-	if [ -f /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME ]; then
78
-		rm /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
79
-	fi
80
-	function_check drop_database
81
-	drop_database hubzilla
82
-	function_check remove_onion_service
83
-	remove_onion_service hubzilla ${HUBZILLA_ONION_PORT}
84
-	sed -i '/install_hubzilla/d' $COMPLETION_FILE
85
-	sed -i '/Hubzilla /d' $COMPLETION_FILE
79
+    if ! grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
80
+        return
81
+    fi
82
+    nginx_dissite $HUBZILLA_DOMAIN_NAME
83
+    if [ -d /var/www/$HUBZILLA_DOMAIN_NAME ]; then
84
+        rm -rf /var/www/$HUBZILLA_DOMAIN_NAME
85
+    fi
86
+    if [ -f /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME ]; then
87
+        rm /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
88
+    fi
89
+    function_check drop_database
90
+    drop_database hubzilla
91
+    function_check remove_onion_service
92
+    remove_onion_service hubzilla ${HUBZILLA_ONION_PORT}
93
+    sed -i '/install_hubzilla/d' $COMPLETION_FILE
94
+    sed -i '/Hubzilla /d' $COMPLETION_FILE
86 95
 }
87 96
 
88 97
 function install_hubzilla {
89
-	if [ ! $HUBZILLA_DOMAIN_NAME ]; then
90
-		return
91
-	fi
92
-
93
-	if grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
94
-		return
95
-	fi
96
-
97
-	HUBZILLA_PATH=/var/www/$HUBZILLA_DOMAIN_NAME/htdocs
98
-
99
-	function_check install_mariadb
100
-	install_mariadb
101
-
102
-	function_check get_mariadb_password
103
-	get_mariadb_password
104
-
105
-	function_check repair_databases_script
106
-	repair_databases_script
107
-
108
-	apt-get -y install php5-common php5-cli php5-curl php5-gd php5-mysql php5-mcrypt git
109
-	apt-get -y install php5-dev imagemagick php5-imagick
110
-	apt-get -y install php5-memcached
111
-
112
-	if [ ! -d /var/www/$HUBZILLA_DOMAIN_NAME ]; then
113
-		mkdir /var/www/$HUBZILLA_DOMAIN_NAME
114
-	fi
115
-	if [ ! -d $HUBZILLA_PATH ]; then
116
-		mkdir $HUBZILLA_PATH
117
-	fi
118
-
119
-	if [ ! -f $HUBZILLA_PATH/index.php ]; then
120
-		cd $INSTALL_DIR
121
-		function_check git_clone
122
-		git_clone $HUBZILLA_REPO hubzilla
123
-		git checkout $HUBZILLA_COMMIT -b $HUBZILLA_COMMIT
124
-		if ! grep -q "Hubzilla commit" $COMPLETION_FILE; then
125
-			echo "Hubzilla commit:$HUBZILLA_COMMIT" >> $COMPLETION_FILE
126
-		else
127
-			sed -i "s/Hubzilla commit.*/Hubzilla commit:$HUBZILLA_COMMIT/g" $COMPLETION_FILE
128
-		fi
129
-
130
-		rm -rf $HUBZILLA_PATH
131
-		mv hubzilla $HUBZILLA_PATH
132
-
133
-		git_clone $HUBZILLA_ADDONS_REPO $HUBZILLA_PATH/addon
134
-		cd $HUBZILLA_PATH/addon
135
-		git checkout $HUBZILLA_ADDONS_COMMIT -b $HUBZILLA_ADDONS_COMMIT
136
-		if ! grep -q "Hubzilla addons commit" $COMPLETION_FILE; then
137
-			echo "Hubzilla addons commit:$HUBZILLA_ADDONS_COMMIT" >> $COMPLETION_FILE
138
-		else
139
-			sed -i "s/Hubzilla addons commit.*/Hubzilla addons commit:$HUBZILLA_ADDONS_COMMIT/g" $COMPLETION_FILE
140
-		fi
141
-
142
-		# some extra themes
143
-		git_clone $HUBZILLA_THEMES_REPO $HUBZILLA_PATH/redmatrix-themes1
144
-		cp -r $HUBZILLA_PATH/redmatrix-themes1/* $HUBZILLA_PATH/view/theme/
145
-
146
-		chown -R www-data:www-data $HUBZILLA_PATH
147
-	fi
148
-
149
-	HUBZILLA_ONION_HOSTNAME=
150
-	if [[ $ONION_ONLY != "no" ]]; then
151
-		HUBZILLA_ONION_HOSTNAME=$(add_onion_service hubzilla 80 ${HUBZILLA_ONION_PORT})
152
-		echo "Hubzilla onion domain:${HUBZILLA_ONION_HOSTNAME}" >> $COMPLETION_FILE
153
-	fi
154
-
155
-	function_check get_mariadb_hubzilla_admin_password
156
-	get_mariadb_hubzilla_admin_password
157
-	if [ ! $HUBZILLA_ADMIN_PASSWORD ]; then
158
-		if [ -f $IMAGE_PASSWORD_FILE ]; then
159
-			HUBZILLA_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
160
-		else
161
-			HUBZILLA_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
162
-		fi
163
-		echo '' >> /home/$MY_USERNAME/README
164
-		echo '' >> /home/$MY_USERNAME/README
165
-		echo 'Hubzilla' >> /home/$MY_USERNAME/README
166
-		echo '========' >> /home/$MY_USERNAME/README
167
-		if [[ $ONION_ONLY == 'no' ]]; then
168
-			echo $"Open https://$HUBZILLA_DOMAIN_NAME and register a new user" >> /home/$MY_USERNAME/README
169
-		else
170
-			echo $"Open http://$HUBZILLA_ONION_HOSTNAME and register a new user" >> /home/$MY_USERNAME/README
171
-		fi
172
-		echo $"Your MariaDB Hubzilla admin password is: $HUBZILLA_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
173
-		chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
174
-		chmod 600 /home/$MY_USERNAME/README
175
-	fi
176
-
177
-	function_check create_database
178
-	create_database hubzilla "$HUBZILLA_ADMIN_PASSWORD"
179
-
180
-	if ! grep -q "$HUBZILLA_PATH" /etc/crontab; then
181
-		echo "12,22,32,42,52 * *   *   *   root cd $HUBZILLA_PATH; /usr/bin/timeout 500 /usr/bin/php include/poller.php" >> /etc/crontab
182
-	fi
183
-
184
-	function check add_ddns_domain
185
-	add_ddns_domain $HUBZILLA_DOMAIN_NAME
186
-
187
-	if [[ $ONION_ONLY == "no" ]]; then
188
-		function_check nginx_http_redirect
189
-		nginx_http_redirect $HUBZILLA_DOMAIN_NAME
190
-		echo 'server {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
191
-		echo '    listen 443 ssl;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
192
-		echo "    root $HUBZILLA_PATH;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
193
-		echo "    server_name $HUBZILLA_DOMAIN_NAME;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
194
-		echo "    error_log /var/log/nginx/${HUBZILLA_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
195
-		echo '    index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
196
-		echo '    charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
197
-		echo '    access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
198
-		function_check nginx_limits
199
-		nginx_limits $HUBZILLA_DOMAIN_NAME
200
-		function_check nginx_ssl
201
-		nginx_ssl $HUBZILLA_DOMAIN_NAME
202
-		function_check nginx_disable_sniffing
203
-		nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
204
-		echo '    add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
205
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
206
-		echo '    # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
207
-		echo '    location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
208
-		echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
209
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
210
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
211
-		echo "    # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
212
-		echo '    # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
213
-		echo '    location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
214
-		echo '        allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
215
-		echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
216
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
217
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
218
-		echo '    # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
219
-		echo '    # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
220
-		echo '    # allow browser to cache them' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
221
-		echo '    # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
222
-		echo '    location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
223
-		echo '        expires 30d;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
224
-		echo '        try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
225
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
226
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
227
-		echo '    # block these file types' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
228
-		echo '    location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
229
-		echo '        deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
230
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
231
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
232
-		echo '    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
233
-		echo '    # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
234
-		echo '    location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
235
-		echo '        # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
236
-		echo '        # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
237
-		echo "        # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
238
-		echo "        # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
239
-		echo "        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
240
-		echo "        # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
241
-		echo '        try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
242
-		echo '        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
243
-		echo '        fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
244
-		echo '        # With php5-cgi alone:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
245
-		echo '        # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
246
-		echo '        # With php5-fpm:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
247
-		echo '        fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
248
-		echo '        include fastcgi_params;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
249
-		echo '        fastcgi_index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
250
-		echo '        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
251
-		echo '        fastcgi_read_timeout 300;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
252
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
253
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
254
-		echo '    # deny access to all dot files' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
255
-		echo '    location ~ /\. {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
256
-		echo '        deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
257
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
258
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
259
-		echo '    location ~ /\.ht {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
260
-		echo '      deny  all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
261
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
262
-		echo '}' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
263
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
264
-	else
265
-		echo 'server {' > /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
266
-		echo "    listen 127.0.0.1:${HUBZILLA_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
267
-		echo "    root $HUBZILLA_PATH;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
268
-		echo "    server_name $HUBZILLA_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
269
-		echo "    error_log /var/log/nginx/${HUBZILLA_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
270
-		echo '    index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
271
-		echo '    charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
272
-		echo '    access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
273
-		nginx_limits $HUBZILLA_DOMAIN_NAME
274
-		nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
275
-		echo '    add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
276
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
277
-		echo '    # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
278
-		echo '    location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
279
-		echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
280
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
281
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
282
-		echo "    # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
283
-		echo '    # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
284
-		echo '    location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
285
-		echo '        allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
286
-		echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
287
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
288
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
289
-		echo '    # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
290
-		echo '    # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
291
-		echo '    # allow browser to cache them' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
292
-		echo '    # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
293
-		echo '    location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
294
-		echo '        expires 30d;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
295
-		echo '        try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
296
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
297
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
298
-		echo '    # block these file types' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
299
-		echo '    location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
300
-		echo '        deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
301
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
302
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
303
-		echo '    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
304
-		echo '    # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
305
-		echo '    location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
306
-		echo '        # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
307
-		echo '        # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
308
-		echo "        # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
309
-		echo "        # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
310
-		echo "        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
311
-		echo "        # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
312
-		echo '        try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
313
-		echo '        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
314
-		echo '        fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
315
-		echo '        # With php5-cgi alone:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
316
-		echo '        # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
317
-		echo '        # With php5-fpm:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
318
-		echo '        fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
319
-		echo '        include fastcgi_params;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
320
-		echo '        fastcgi_index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
321
-		echo '        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
322
-		echo '        fastcgi_read_timeout 300;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
323
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
324
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
325
-		echo '    # deny access to all dot files' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
326
-		echo '    location ~ /\. {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
327
-		echo '        deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
328
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
329
-		echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
330
-		echo '    location ~ /\.ht {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
331
-		echo '      deny  all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
332
-		echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
333
-		echo '}' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
334
-	fi
335
-
336
-	function_check configure_php
337
-	configure_php
338
-
339
-	function_check create_site_certificate
340
-	create_site_certificate $HUBZILLA_DOMAIN_NAME 'yes'
341
-
342
-	if [ ! -d $HUBZILLA_PATH/view/tpl/smarty3 ]; then
343
-		mkdir $HUBZILLA_PATH/view/tpl/smarty3
344
-	fi
345
-	if [ ! -d "$HUBZILLA_PATH/store" ]; then
346
-		mkdir "$HUBZILLA_PATH/store"
347
-	fi
348
-	if [ ! -d "$HUBZILLA_PATH/store/[data]" ]; then
349
-		mkdir "$HUBZILLA_PATH/store/[data]"
350
-	fi
351
-	if [ ! -d "$HUBZILLA_PATH/store/[data]/smarty3" ]; then
352
-		mkdir "$HUBZILLA_PATH/store/[data]/smarty3"
353
-		chmod 777 "$HUBZILLA_PATH/store/[data]/smarty3"
354
-	fi
355
-	chmod 777 $HUBZILLA_PATH/view/tpl
356
-	chown -R www-data:www-data "$HUBZILLA_PATH/store"
357
-	chmod 777 $HUBZILLA_PATH/view/tpl/smarty3
358
-
359
-	# Ensure that the database gets backed up locally, if remote
360
-	# backups are not being used
361
-	function_check backup_databases_script_header
362
-	backup_databases_script_header
363
-
364
-	function_check backup_database_local
365
-	backup_database_local hubzilla
366
-
367
-	chown -R www-data:www-data $HUBZILLA_PATH
368
-
369
-	function_check nginx_ensite
370
-	nginx_ensite $HUBZILLA_DOMAIN_NAME
371
-
372
-	# initialize the database
373
-	if [ ! -f $HUBZILLA_PATH/install/schema_mysql.sql ]; then
374
-		echo $'No database schema found for hubzilla'
375
-		exit 252782
376
-	fi
377
-	function_check initialise_database
378
-	initialise_database hubzilla $HUBZILLA_PATH/install/schema_mysql.sql
379
-
380
-	# create the config file
381
-	echo '<?php' > $HUBZILLA_PATH/.htconfig.php
382
-	echo "\$db_host = 'localhost';" >> $HUBZILLA_PATH/.htconfig.php
383
-	echo "\$db_port = '0';" >> $HUBZILLA_PATH/.htconfig.php
384
-	echo "\$db_user = 'root';" >> $HUBZILLA_PATH/.htconfig.php
385
-	echo "\$db_pass = '${MARIADB_PASSWORD}';" >> $HUBZILLA_PATH/.htconfig.php
386
-	echo "\$db_data = 'hubzilla';" >> $HUBZILLA_PATH/.htconfig.php
387
-	echo "\$db_type = '0';" >> $HUBZILLA_PATH/.htconfig.php
388
-	echo "\$default_timezone = 'Europe/London';" >> $HUBZILLA_PATH/.htconfig.php
389
-	if [[ $ONION_ONLY == 'no' ]]; then
390
-		echo "\$a->config['system']['baseurl'] = 'https://${HUBZILLA_DOMAIN_NAME}';" >> $HUBZILLA_PATH/.htconfig.php
391
-	else
392
-		echo "\$a->config['system']['baseurl'] = 'http://${HUBZILLA_ONION_HOSTNAME}';" >> $HUBZILLA_PATH/.htconfig.php
393
-	fi
394
-	echo "\$a->config['system']['sitename'] = \"Hubzilla\";" >> $HUBZILLA_PATH/.htconfig.php
395
-	HUBZILLA_LOCATION_HASH="$(create_password 30)"
396
-	echo "\$a->config['system']['location_hash'] = '${HUBZILLA_LOCATION_HASH}';" >> $HUBZILLA_PATH/.htconfig.php
397
-	echo "\$a->config['system']['register_policy'] = REGISTER_OPEN;" >> $HUBZILLA_PATH/.htconfig.php
398
-	echo "\$a->config['system']['register_text'] = '';" >> $HUBZILLA_PATH/.htconfig.php
399
-	echo "\$a->config['system']['admin_email'] = '${MY_EMAIL_ADDRESS}';" >> $HUBZILLA_PATH/.htconfig.php
400
-	echo "\$a->config['system']['verify_email'] = 1;" >> $HUBZILLA_PATH/.htconfig.php
401
-	echo "\$a->config['system']['access_policy'] = ACCESS_PRIVATE;" >> $HUBZILLA_PATH/.htconfig.php
402
-	echo "\$a->config['system']['sellpage'] = '';" >> $HUBZILLA_PATH/.htconfig.php
403
-	echo "\$a->config['system']['max_import_size'] = 200000;" >> $HUBZILLA_PATH/.htconfig.php
404
-	echo "\$a->config['system']['php_path'] = '/usr/bin/php';" >> $HUBZILLA_PATH/.htconfig.php
405
-	echo "\$a->config['system']['directory_mode']  = DIRECTORY_MODE_NORMAL;" >> $HUBZILLA_PATH/.htconfig.php
406
-	echo "\$a->config['system']['theme'] = 'redbasic';" >> $HUBZILLA_PATH/.htconfig.php
407
-	chown www-data:www-data $HUBZILLA_PATH/.htconfig.php
408
-	chmod 755 $HUBZILLA_PATH/.htconfig.php
409
-
410
-	systemctl restart php5-fpm
411
-	systemctl restart nginx
412
-	systemctl restart cron
413
-
414
-	${PROJECT_NAME}-addemail -u $MY_USERNAME -e "noreply@$HUBZILLA_DOMAIN_NAME" -g hubzilla --public no
415
-
416
-	echo "Hubzilla domain:${HUBZILLA_DOMAIN_NAME}" >> $COMPLETION_FILE
417
-	echo 'install_hubzilla' >> $COMPLETION_FILE
98
+    if [ ! $HUBZILLA_DOMAIN_NAME ]; then
99
+        return
100
+    fi
101
+
102
+    if grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
103
+        return
104
+    fi
105
+
106
+    HUBZILLA_PATH=/var/www/$HUBZILLA_DOMAIN_NAME/htdocs
107
+
108
+    function_check install_mariadb
109
+    install_mariadb
110
+
111
+    function_check get_mariadb_password
112
+    get_mariadb_password
113
+
114
+    function_check repair_databases_script
115
+    repair_databases_script
116
+
117
+    apt-get -y install php5-common php5-cli php5-curl php5-gd php5-mysql php5-mcrypt git
118
+    apt-get -y install php5-dev imagemagick php5-imagick
119
+    apt-get -y install php5-memcached
120
+
121
+    if [ ! -d /var/www/$HUBZILLA_DOMAIN_NAME ]; then
122
+        mkdir /var/www/$HUBZILLA_DOMAIN_NAME
123
+    fi
124
+    if [ ! -d $HUBZILLA_PATH ]; then
125
+        mkdir $HUBZILLA_PATH
126
+    fi
127
+
128
+    if [ ! -f $HUBZILLA_PATH/index.php ]; then
129
+        cd $INSTALL_DIR
130
+        function_check git_clone
131
+        git_clone $HUBZILLA_REPO hubzilla
132
+        git checkout $HUBZILLA_COMMIT -b $HUBZILLA_COMMIT
133
+        if ! grep -q "Hubzilla commit" $COMPLETION_FILE; then
134
+            echo "Hubzilla commit:$HUBZILLA_COMMIT" >> $COMPLETION_FILE
135
+        else
136
+            sed -i "s/Hubzilla commit.*/Hubzilla commit:$HUBZILLA_COMMIT/g" $COMPLETION_FILE
137
+        fi
138
+
139
+        rm -rf $HUBZILLA_PATH
140
+        mv hubzilla $HUBZILLA_PATH
141
+
142
+        git_clone $HUBZILLA_ADDONS_REPO $HUBZILLA_PATH/addon
143
+        cd $HUBZILLA_PATH/addon
144
+        git checkout $HUBZILLA_ADDONS_COMMIT -b $HUBZILLA_ADDONS_COMMIT
145
+        if ! grep -q "Hubzilla addons commit" $COMPLETION_FILE; then
146
+            echo "Hubzilla addons commit:$HUBZILLA_ADDONS_COMMIT" >> $COMPLETION_FILE
147
+        else
148
+            sed -i "s/Hubzilla addons commit.*/Hubzilla addons commit:$HUBZILLA_ADDONS_COMMIT/g" $COMPLETION_FILE
149
+        fi
150
+
151
+        # some extra themes
152
+        git_clone $HUBZILLA_THEMES_REPO $HUBZILLA_PATH/redmatrix-themes1
153
+        cp -r $HUBZILLA_PATH/redmatrix-themes1/* $HUBZILLA_PATH/view/theme/
154
+
155
+        chown -R www-data:www-data $HUBZILLA_PATH
156
+    fi
157
+
158
+    HUBZILLA_ONION_HOSTNAME=
159
+    if [[ $ONION_ONLY != "no" ]]; then
160
+        HUBZILLA_ONION_HOSTNAME=$(add_onion_service hubzilla 80 ${HUBZILLA_ONION_PORT})
161
+        echo "Hubzilla onion domain:${HUBZILLA_ONION_HOSTNAME}" >> $COMPLETION_FILE
162
+    fi
163
+
164
+    function_check get_mariadb_hubzilla_admin_password
165
+    get_mariadb_hubzilla_admin_password
166
+    if [ ! $HUBZILLA_ADMIN_PASSWORD ]; then
167
+        if [ -f $IMAGE_PASSWORD_FILE ]; then
168
+            HUBZILLA_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
169
+        else
170
+            HUBZILLA_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
171
+        fi
172
+        echo '' >> /home/$MY_USERNAME/README
173
+        echo '' >> /home/$MY_USERNAME/README
174
+        echo 'Hubzilla' >> /home/$MY_USERNAME/README
175
+        echo '========' >> /home/$MY_USERNAME/README
176
+        if [[ $ONION_ONLY == 'no' ]]; then
177
+            echo $"Open https://$HUBZILLA_DOMAIN_NAME and register a new user" >> /home/$MY_USERNAME/README
178
+        else
179
+            echo $"Open http://$HUBZILLA_ONION_HOSTNAME and register a new user" >> /home/$MY_USERNAME/README
180
+        fi
181
+        echo $"Your MariaDB Hubzilla admin password is: $HUBZILLA_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
182
+        chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
183
+        chmod 600 /home/$MY_USERNAME/README
184
+    fi
185
+
186
+    function_check create_database
187
+    create_database hubzilla "$HUBZILLA_ADMIN_PASSWORD"
188
+
189
+    if ! grep -q "$HUBZILLA_PATH" /etc/crontab; then
190
+        echo "12,22,32,42,52 * *   *   *   root cd $HUBZILLA_PATH; /usr/bin/timeout 500 /usr/bin/php include/poller.php" >> /etc/crontab
191
+    fi
192
+
193
+    function check add_ddns_domain
194
+    add_ddns_domain $HUBZILLA_DOMAIN_NAME
195
+
196
+    if [[ $ONION_ONLY == "no" ]]; then
197
+        function_check nginx_http_redirect
198
+        nginx_http_redirect $HUBZILLA_DOMAIN_NAME
199
+        echo 'server {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
200
+        echo '    listen 443 ssl;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
201
+        echo "    root $HUBZILLA_PATH;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
202
+        echo "    server_name $HUBZILLA_DOMAIN_NAME;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
203
+        echo "    error_log /var/log/nginx/${HUBZILLA_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
204
+        echo '    index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
205
+        echo '    charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
206
+        echo '    access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
207
+        function_check nginx_limits
208
+        nginx_limits $HUBZILLA_DOMAIN_NAME
209
+        function_check nginx_ssl
210
+        nginx_ssl $HUBZILLA_DOMAIN_NAME
211
+        function_check nginx_disable_sniffing
212
+        nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
213
+        echo '    add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
214
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
215
+        echo '    # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
216
+        echo '    location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
217
+        echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
218
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
219
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
220
+        echo "    # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
221
+        echo '    # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
222
+        echo '    location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
223
+        echo '        allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
224
+        echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
225
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
226
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
227
+        echo '    # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
228
+        echo '    # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
229
+        echo '    # allow browser to cache them' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
230
+        echo '    # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
231
+        echo '    location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
232
+        echo '        expires 30d;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
233
+        echo '        try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
234
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
235
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
236
+        echo '    # block these file types' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
237
+        echo '    location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
238
+        echo '        deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
239
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
240
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
241
+        echo '    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
242
+        echo '    # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
243
+        echo '    location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
244
+        echo '        # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
245
+        echo '        # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
246
+        echo "        # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
247
+        echo "        # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
248
+        echo "        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
249
+        echo "        # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
250
+        echo '        try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
251
+        echo '        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
252
+        echo '        fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
253
+        echo '        # With php5-cgi alone:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
254
+        echo '        # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
255
+        echo '        # With php5-fpm:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
256
+        echo '        fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
257
+        echo '        include fastcgi_params;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
258
+        echo '        fastcgi_index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
259
+        echo '        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
260
+        echo '        fastcgi_read_timeout 300;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
261
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
262
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
263
+        echo '    # deny access to all dot files' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
264
+        echo '    location ~ /\. {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
265
+        echo '        deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
266
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
267
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
268
+        echo '    location ~ /\.ht {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
269
+        echo '      deny  all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
270
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
271
+        echo '}' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
272
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
273
+    else
274
+        echo 'server {' > /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
275
+        echo "    listen 127.0.0.1:${HUBZILLA_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
276
+        echo "    root $HUBZILLA_PATH;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
277
+        echo "    server_name $HUBZILLA_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
278
+        echo "    error_log /var/log/nginx/${HUBZILLA_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
279
+        echo '    index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
280
+        echo '    charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
281
+        echo '    access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
282
+        nginx_limits $HUBZILLA_DOMAIN_NAME
283
+        nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
284
+        echo '    add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
285
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
286
+        echo '    # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
287
+        echo '    location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
288
+        echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
289
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
290
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
291
+        echo "    # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
292
+        echo '    # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
293
+        echo '    location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
294
+        echo '        allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
295
+        echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
296
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
297
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
298
+        echo '    # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
299
+        echo '    # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
300
+        echo '    # allow browser to cache them' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
301
+        echo '    # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
302
+        echo '    location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
303
+        echo '        expires 30d;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
304
+        echo '        try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
305
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
306
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
307
+        echo '    # block these file types' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
308
+        echo '    location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
309
+        echo '        deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
310
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
311
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
312
+        echo '    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
313
+        echo '    # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
314
+        echo '    location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
315
+        echo '        # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
316
+        echo '        # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
317
+        echo "        # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
318
+        echo "        # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
319
+        echo "        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
320
+        echo "        # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
321
+        echo '        try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
322
+        echo '        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
323
+        echo '        fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
324
+        echo '        # With php5-cgi alone:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
325
+        echo '        # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
326
+        echo '        # With php5-fpm:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
327
+        echo '        fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
328
+        echo '        include fastcgi_params;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
329
+        echo '        fastcgi_index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
330
+        echo '        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
331
+        echo '        fastcgi_read_timeout 300;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
332
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
333
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
334
+        echo '    # deny access to all dot files' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
335
+        echo '    location ~ /\. {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
336
+        echo '        deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
337
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
338
+        echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
339
+        echo '    location ~ /\.ht {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
340
+        echo '      deny  all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
341
+        echo '    }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
342
+        echo '}' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
343
+    fi
344
+
345
+    function_check configure_php
346
+    configure_php
347
+
348
+    function_check create_site_certificate
349
+    create_site_certificate $HUBZILLA_DOMAIN_NAME 'yes'
350
+
351
+    if [ ! -d $HUBZILLA_PATH/view/tpl/smarty3 ]; then
352
+        mkdir $HUBZILLA_PATH/view/tpl/smarty3
353
+    fi
354
+    if [ ! -d "$HUBZILLA_PATH/store" ]; then
355
+        mkdir "$HUBZILLA_PATH/store"
356
+    fi
357
+    if [ ! -d "$HUBZILLA_PATH/store/[data]" ]; then
358
+        mkdir "$HUBZILLA_PATH/store/[data]"
359
+    fi
360
+    if [ ! -d "$HUBZILLA_PATH/store/[data]/smarty3" ]; then
361
+        mkdir "$HUBZILLA_PATH/store/[data]/smarty3"
362
+        chmod 777 "$HUBZILLA_PATH/store/[data]/smarty3"
363
+    fi
364
+    chmod 777 $HUBZILLA_PATH/view/tpl
365
+    chown -R www-data:www-data "$HUBZILLA_PATH/store"
366
+    chmod 777 $HUBZILLA_PATH/view/tpl/smarty3
367
+
368
+    # Ensure that the database gets backed up locally, if remote
369
+    # backups are not being used
370
+    function_check backup_databases_script_header
371
+    backup_databases_script_header
372
+
373
+    function_check backup_database_local
374
+    backup_database_local hubzilla
375
+
376
+    chown -R www-data:www-data $HUBZILLA_PATH
377
+
378
+    function_check nginx_ensite
379
+    nginx_ensite $HUBZILLA_DOMAIN_NAME
380
+
381
+    # initialize the database
382
+    if [ ! -f $HUBZILLA_PATH/install/schema_mysql.sql ]; then
383
+        echo $'No database schema found for hubzilla'
384
+        exit 252782
385
+    fi
386
+    function_check initialise_database
387
+    initialise_database hubzilla $HUBZILLA_PATH/install/schema_mysql.sql
388
+
389
+    # create the config file
390
+    echo '<?php' > $HUBZILLA_PATH/.htconfig.php
391
+    echo "\$db_host = 'localhost';" >> $HUBZILLA_PATH/.htconfig.php
392
+    echo "\$db_port = '0';" >> $HUBZILLA_PATH/.htconfig.php
393
+    echo "\$db_user = 'root';" >> $HUBZILLA_PATH/.htconfig.php
394
+    echo "\$db_pass = '${MARIADB_PASSWORD}';" >> $HUBZILLA_PATH/.htconfig.php
395
+    echo "\$db_data = 'hubzilla';" >> $HUBZILLA_PATH/.htconfig.php
396
+    echo "\$db_type = '0';" >> $HUBZILLA_PATH/.htconfig.php
397
+    echo "\$default_timezone = 'Europe/London';" >> $HUBZILLA_PATH/.htconfig.php
398
+    if [[ $ONION_ONLY == 'no' ]]; then
399
+        echo "\$a->config['system']['baseurl'] = 'https://${HUBZILLA_DOMAIN_NAME}';" >> $HUBZILLA_PATH/.htconfig.php
400
+    else
401
+        echo "\$a->config['system']['baseurl'] = 'http://${HUBZILLA_ONION_HOSTNAME}';" >> $HUBZILLA_PATH/.htconfig.php
402
+    fi
403
+    echo "\$a->config['system']['sitename'] = \"Hubzilla\";" >> $HUBZILLA_PATH/.htconfig.php
404
+    HUBZILLA_LOCATION_HASH="$(create_password 30)"
405
+    echo "\$a->config['system']['location_hash'] = '${HUBZILLA_LOCATION_HASH}';" >> $HUBZILLA_PATH/.htconfig.php
406
+    echo "\$a->config['system']['register_policy'] = REGISTER_OPEN;" >> $HUBZILLA_PATH/.htconfig.php
407
+    echo "\$a->config['system']['register_text'] = '';" >> $HUBZILLA_PATH/.htconfig.php
408
+    echo "\$a->config['system']['admin_email'] = '${MY_EMAIL_ADDRESS}';" >> $HUBZILLA_PATH/.htconfig.php
409
+    echo "\$a->config['system']['verify_email'] = 1;" >> $HUBZILLA_PATH/.htconfig.php
410
+    echo "\$a->config['system']['access_policy'] = ACCESS_PRIVATE;" >> $HUBZILLA_PATH/.htconfig.php
411
+    echo "\$a->config['system']['sellpage'] = '';" >> $HUBZILLA_PATH/.htconfig.php
412
+    echo "\$a->config['system']['max_import_size'] = 200000;" >> $HUBZILLA_PATH/.htconfig.php
413
+    echo "\$a->config['system']['php_path'] = '/usr/bin/php';" >> $HUBZILLA_PATH/.htconfig.php
414
+    echo "\$a->config['system']['directory_mode']  = DIRECTORY_MODE_NORMAL;" >> $HUBZILLA_PATH/.htconfig.php
415
+    echo "\$a->config['system']['theme'] = 'redbasic';" >> $HUBZILLA_PATH/.htconfig.php
416
+    chown www-data:www-data $HUBZILLA_PATH/.htconfig.php
417
+    chmod 755 $HUBZILLA_PATH/.htconfig.php
418
+
419
+    systemctl restart php5-fpm
420
+    systemctl restart nginx
421
+    systemctl restart cron
422
+
423
+    ${PROJECT_NAME}-addemail -u $MY_USERNAME -e "noreply@$HUBZILLA_DOMAIN_NAME" -g hubzilla --public no
424
+
425
+    echo "Hubzilla domain:${HUBZILLA_DOMAIN_NAME}" >> $COMPLETION_FILE
426
+    echo 'install_hubzilla' >> $COMPLETION_FILE
418 427
 }
419 428
 
420 429
 # NOTE: deliberately there is no "exit 0"