freedombone-app-blog 35KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689
  1. #!/bin/bash
  2. #
  3. # .---. . .
  4. # | | |
  5. # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
  6. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
  7. # ' ' --' --' -' - -' ' ' -' -' -' ' - --'
  8. #
  9. # Freedom in the Cloud
  10. #
  11. # Blog functions
  12. #
  13. # License
  14. # =======
  15. #
  16. # Copyright (C) 2014-2016 Bob Mottram <bob@robotics.uk.to>
  17. #
  18. # This program is free software: you can redistribute it and/or modify
  19. # it under the terms of the GNU Affero General Public License as published by
  20. # the Free Software Foundation, either version 3 of the License, or
  21. # (at your option) any later version.
  22. #
  23. # This program is distributed in the hope that it will be useful,
  24. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  25. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  26. # GNU Affero General Public License for more details.
  27. #
  28. # You should have received a copy of the GNU Affero General Public License
  29. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  30. VARIANTS="full writer"
  31. FULLBLOG_DOMAIN_NAME=
  32. FULLBLOG_CODE=
  33. FULLBLOG_ONION_PORT=8086
  34. FULLBLOG_REPO="https://github.com/danpros/htmly"
  35. FULLBLOG_COMMIT='bf5fe9486160be4da86d8987d3e5c977e1dc6d32'
  36. MY_BLOG_TITLE="My Blog"
  37. MY_BLOG_SUBTITLE="Another ${PROJECT_NAME} Blog"
  38. blog_variables=(FULLBLOG_REPO
  39. FULLBLOG_COMMIT
  40. FULLBLOG_DOMAIN_NAME
  41. FULLBLOG_CODE
  42. MY_BLOG_TITLE
  43. MY_BLOG_SUBTITLE
  44. ONION_ONLY
  45. DDNS_PROVIDER
  46. MY_USERNAME)
  47. function remove_user_blog {
  48. remove_username="$1"
  49. if [ -f /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/config/users/${remove_username}.ini ]; then
  50. rm /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/config/users/${remove_username}.ini
  51. fi
  52. }
  53. function add_user_blog {
  54. if [[ $(app_is_installed blog) == "0" ]]; then
  55. echo '0'
  56. return
  57. fi
  58. new_username="$1"
  59. new_user_password="$2"
  60. if [ ! -d /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users ]; then
  61. echo '2'
  62. return
  63. fi
  64. NEW_USER_PASSWORD_HASH=$(${PROJECT_NAME}-sec --bloghash "$new_user_password")
  65. if [ ${#NEW_USER_PASSWORD_HASH} -lt 8 ]; then
  66. echo '3'
  67. return
  68. fi
  69. echo ';Password' > /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$new_username.ini
  70. echo "password = $NEW_USER_PASSWORD_HASH" >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$new_username.ini
  71. echo 'encryption = password_hash' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$new_username.ini
  72. echo ';Role' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$new_username.ini
  73. echo 'role = admin' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$new_username.ini
  74. echo '0'
  75. }
  76. function configure_interactive_blog {
  77. data=$(tempfile 2>/dev/null)
  78. trap "rm -f $data" 0 1 2 5 15
  79. dialog --title $"Change blog avatar" \
  80. --backtitle $"Freedombone Control Panel" \
  81. --inputbox $"Enter a URL for an image. It should be approximately a square image." 8 75 2>$data
  82. sel=$?
  83. case $sel in
  84. 0)
  85. IMAGE_URL=$(<$data)
  86. if [ ${#IMAGE_URL} -gt 5 ]; then
  87. clear
  88. ${PROJECT_NAME}-blog -a $IMAGE_URL
  89. if [ "$?" = "0" ]; then
  90. dialog --title $"Change blog avatar" \
  91. --msgbox $"Your blog avatar has been changed" 6 40
  92. fi
  93. fi
  94. ;;
  95. esac
  96. }
  97. function install_interactive_blog {
  98. if [ ! $ONION_ONLY ]; then
  99. ONION_ONLY='no'
  100. fi
  101. if [[ $ONION_ONLY != "no" ]]; then
  102. MY_BLOG_TITLE='My Blog'
  103. FULLBLOG_DOMAIN_NAME='blog.local'
  104. else
  105. FULLBLOG_DETAILS_COMPLETE=
  106. while [ ! $FULLBLOG_DETAILS_COMPLETE ]
  107. do
  108. data=$(tempfile 2>/dev/null)
  109. trap "rm -f $data" 0 1 2 5 15
  110. if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
  111. dialog --backtitle $"Freedombone Configuration" \
  112. --title $"Blog Configuration" \
  113. --form $"\nPlease enter your blog details:" 11 55 4 \
  114. $"Title:" 1 1 "$(grep 'MY_BLOG_TITLE' temp.cfg | awk -F '=' '{print $2}')" 1 16 33 40 \
  115. $"Domain:" 2 1 "$(grep 'FULLBLOG_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 2 16 33 40 \
  116. $"Code:" 3 1 "$(grep 'FULLBLOG_CODE' temp.cfg | awk -F '=' '{print $2}')" 3 16 33 255 \
  117. 2> $data
  118. else
  119. dialog --backtitle $"Freedombone Configuration" \
  120. --title $"Blog Configuration" \
  121. --form $"\nPlease enter your blog details:" 11 55 3 \
  122. $"Title:" 1 1 "$(grep 'MY_BLOG_TITLE' temp.cfg | awk -F '=' '{print $2}')" 1 16 33 40 \
  123. $"Domain:" 2 1 "$(grep 'FULLBLOG_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 2 16 33 40 \
  124. 2> $data
  125. fi
  126. sel=$?
  127. case $sel in
  128. 1) exit 1;;
  129. 255) exit 1;;
  130. esac
  131. MY_BLOG_TITLE=$(cat $data | sed -n 1p)
  132. FULLBLOG_DOMAIN_NAME=$(cat $data | sed -n 2p)
  133. if [ $FULLBLOG_DOMAIN_NAME ]; then
  134. if [[ $FULLBLOG_DOMAIN_NAME == "$WIKI_DOMAIN_NAME" ]]; then
  135. FULLBLOG_DOMAIN_NAME=""
  136. fi
  137. TEST_DOMAIN_NAME=$FULLBLOG_DOMAIN_NAME
  138. validate_domain_name
  139. if [[ $TEST_DOMAIN_NAME != $FULLBLOG_DOMAIN_NAME ]]; then
  140. FULLBLOG_DOMAIN_NAME=
  141. dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
  142. else
  143. if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
  144. FULLBLOG_CODE=$(cat $data | sed -n 3p)
  145. validate_freedns_code "$FULLBLOG_CODE"
  146. if [ ! $VALID_CODE ]; then
  147. FULLBLOG_DOMAIN_NAME=
  148. fi
  149. fi
  150. fi
  151. fi
  152. if [ $FULLBLOG_DOMAIN_NAME ]; then
  153. FULLBLOG_DETAILS_COMPLETE="yes"
  154. fi
  155. done
  156. if grep -q "MY_BLOG_TITLE=" $CONFIGURATION_FILE; then
  157. sed -i "s|MY_BLOG_TITLE=.*|MY_BLOG_TITLE=$MY_BLOG_TITLE|g" $CONFIGURATION_FILE
  158. else
  159. echo "MY_BLOG_TITLE=$MY_BLOG_TITLE" >> $CONFIGURATION_FILE
  160. fi
  161. if grep -q "FULLBLOG_DOMAIN_NAME=" $CONFIGURATION_FILE; then
  162. sed -i "s|FULLBLOG_DOMAIN_NAME=.*|FULLBLOG_DOMAIN_NAME=$FULLBLOG_DOMAIN_NAME|g" $CONFIGURATION_FILE
  163. else
  164. echo "FULLBLOG_DOMAIN_NAME=$FULLBLOG_DOMAIN_NAME" >> $CONFIGURATION_FILE
  165. fi
  166. if grep -q "FULLBLOG_CODE=" $CONFIGURATION_FILE; then
  167. sed -i "s|FULLBLOG_CODE=.*|FULLBLOG_CODE=$FULLBLOG_CODE|g" $CONFIGURATION_FILE
  168. else
  169. echo "FULLBLOG_CODE=$FULLBLOG_CODE" >> $CONFIGURATION_FILE
  170. fi
  171. fi
  172. }
  173. function change_password_blog {
  174. if ! grep -q "blog domain:" $COMPLETION_FILE; then
  175. return
  176. echo "blog domain:$FULLBLOG_DOMAIN_NAME" >> $COMPLETION_FILE
  177. fi
  178. FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "blog domain" | head -n 1 | awk -F ':' '{print $2}')
  179. BLOG_USERNAME="$1"
  180. BLOG_PASSWORD="$2"
  181. if [ ${#BLOG_PASSWORD} -lt 8 ]; then
  182. echo $'Blog password is too short'
  183. return
  184. fi
  185. BLOG_PASSWORD_HASH=$(${PROJECT_NAME}-sec --bloghash "$BLOG_PASSWORD")
  186. if [ ${#BLOG_PASSWORD_HASH} -lt 8 ]; then
  187. echo $'Blog admin password could not be hashed'
  188. exit 625728
  189. fi
  190. sed -i "s|password =.*|password = $BLOG_PASSWORD_HASH|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$BLOG_USERNAME.ini
  191. }
  192. function reconfigure_blog {
  193. echo -n ''
  194. }
  195. function upgrade_blog {
  196. if grep -q "FULLBLOG_DOMAIN_NAME" $CONFIGURATION_FILE; then
  197. FULLBLOG_DOMAIN_NAME=$(grep "FULLBLOG_DOMAIN_NAME" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
  198. fi
  199. function_check set_repo_commit
  200. set_repo_commit /var/www/$FULLBLOG_DOMAIN_NAME/htdocs "blog commit" "$FULLBLOG_COMMIT" $FULLBLOG_REPO
  201. # update blog avatar
  202. ${PROJECT_NAME}-blog
  203. }
  204. function backup_local_blog {
  205. FULLBLOG_DOMAIN_NAME='blog'
  206. if grep -q "blog domain" $COMPLETION_FILE; then
  207. FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "blog domain" | awk -F ':' '{print $2}')
  208. fi
  209. source_directory=/var/www/${FULLBLOG_DOMAIN_NAME}/htdocs
  210. if [ -d $source_directory ]; then
  211. dest_directory=blog
  212. echo $"Backing up $source_directory to $dest_directory"
  213. function_check suspend_site
  214. suspend_site ${FULLBLOG_DOMAIN_NAME}
  215. function_check backup_directory_to_usb
  216. backup_directory_to_usb $source_directory $dest_directory
  217. function_check restart_site
  218. restart_site
  219. echo $"Backup to $dest_directory complete"
  220. fi
  221. }
  222. function restore_local_blog {
  223. FULLBLOG_DOMAIN_NAME='blog'
  224. if grep -q "blog domain" $COMPLETION_FILE; then
  225. FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "blog domain" | awk -F ':' '{print $2}')
  226. fi
  227. if [ $FULLBLOG_DOMAIN_NAME ]; then
  228. echo $"Restoring blog installation"
  229. temp_restore_dir=/root/tempblog
  230. restore_directory_from_usb $temp_restore_dir blog
  231. rm -rf /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs
  232. cp -r $temp_restore_dir/var/www/${FULLBLOG_DOMAIN_NAME}/htdocs /var/www/${FULLBLOG_DOMAIN_NAME}/
  233. if [ ! "$?" = "0" ]; then
  234. set_user_permissions
  235. backup_unmount_drive
  236. exit 593
  237. fi
  238. rm -rf $temp_restore_dir
  239. if [ ! -d /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/content ]; then
  240. echo $"No content directory found after restoring blog"
  241. set_user_permissions
  242. backup_unmount_drive
  243. exit 287
  244. fi
  245. chown -R www-data:www-data /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs
  246. # Ensure that the bundled SSL cert is being used
  247. if [ -f /etc/ssl/certs/${FULLBLOG_DOMAIN_NAME}.bundle.crt ]; then
  248. sed -i "s|${FULLBLOG_DOMAIN_NAME}.crt|${FULLBLOG_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${FULLBLOG_DOMAIN_NAME}
  249. fi
  250. for d in /home/*/ ; do
  251. USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
  252. if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
  253. if [ -d /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/content/$USERNAME/blog/uncategorized/post ]; then
  254. mv /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/content/$USERNAME/blog/*.md /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/content/$USERNAME/blog/uncategorized/post
  255. fi
  256. fi
  257. done
  258. if [ -d /etc/letsencrypt/live/${FULLBLOG_DOMAIN_NAME} ]; then
  259. ln -s /etc/letsencrypt/live/${FULLBLOG_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${FULLBLOG_DOMAIN_NAME}.key
  260. ln -s /etc/letsencrypt/live/${FULLBLOG_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${FULLBLOG_DOMAIN_NAME}.pem
  261. fi
  262. fi
  263. }
  264. function backup_remote_blog {
  265. if grep -q "blog domain" $COMPLETION_FILE; then
  266. FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "blog domain" | awk -F ':' '{print $2}')
  267. temp_backup_dir=/var/www/${FULLBLOG_DOMAIN_NAME}/htdocs
  268. if [ -d $temp_backup_dir ]; then
  269. echo $"Backing up blog"
  270. backup_directory_to_friend $temp_backup_dir blog
  271. echo $"Backup of blog complete"
  272. else
  273. echo $"Blog domain specified but not found in $temp_backup_dir"
  274. exit 2578
  275. fi
  276. fi
  277. }
  278. function restore_remote_blog {
  279. if [ -d $SERVER_DIRECTORY/backup/blog ]; then
  280. FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "blog domain" | awk -F ':' '{print $2}')
  281. echo $"Restoring blog installation $FULLBLOG_DOMAIN_NAME"
  282. temp_restore_dir=/root/tempblog
  283. mkdir $temp_restore_dir
  284. function_check restore_directory_from_friend
  285. restore_directory_from_friend $temp_restore_dir blog
  286. rm -rf /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs
  287. cp -r $temp_restore_dir/var/www/${FULLBLOG_DOMAIN_NAME}/htdocs /var/www/${FULLBLOG_DOMAIN_NAME}/
  288. if [ ! "$?" = "0" ]; then
  289. exit 593
  290. fi
  291. rm -rf $temp_restore_dir
  292. if [ ! -d /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/content ]; then
  293. echo $"No content directory found after restoring blog"
  294. exit 287
  295. fi
  296. # Ensure that the bundled SSL cert is being used
  297. if [ -f /etc/ssl/certs/${FULLBLOG_DOMAIN_NAME}.bundle.crt ]; then
  298. sed -i "s|${FULLBLOG_DOMAIN_NAME}.crt|${FULLBLOG_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${FULLBLOG_DOMAIN_NAME}
  299. fi
  300. for d in /home/*/ ; do
  301. USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
  302. if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
  303. if [ -d /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/content/$USERNAME/blog/uncategorized/post ]; then
  304. mv /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/content/$USERNAME/blog/*.md /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs/content/$USERNAME/blog/uncategorized/post
  305. fi
  306. fi
  307. done
  308. if [ -d /etc/letsencrypt/live/${FULLBLOG_DOMAIN_NAME} ]; then
  309. ln -s /etc/letsencrypt/live/${FULLBLOG_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${FULLBLOG_DOMAIN_NAME}.key
  310. ln -s /etc/letsencrypt/live/${FULLBLOG_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${FULLBLOG_DOMAIN_NAME}.pem
  311. fi
  312. echo $"Restore of blog complete"
  313. fi
  314. }
  315. function remove_blog {
  316. if [[ $(app_is_installed blog) == "0" ]]; then
  317. return
  318. fi
  319. if grep -q "FULLBLOG_DOMAIN_NAME" $CONFIGURATION_FILE; then
  320. FULLBLOG_DOMAIN_NAME=$(grep "FULLBLOG_DOMAIN_NAME" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
  321. fi
  322. nginx_dissite $FULLBLOG_DOMAIN_NAME
  323. if [ -f /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME ]; then
  324. rm -f /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  325. fi
  326. if [ -d /var/www/$FULLBLOG_DOMAIN_NAME ]; then
  327. rm -rf /var/www/$FULLBLOG_DOMAIN_NAME
  328. fi
  329. if [ $FULLBLOG_CODE ]; then
  330. if [ -f /usr/bin/dynamicdns ]; then
  331. sed -i "/$FULLBLOG_DOMAIN_NAME/d" /usr/bin/dynamicdns
  332. sed -i "/$FULLBLOG_CODE/d" /usr/bin/dynamicdns
  333. fi
  334. fi
  335. function_check remove_onion_service
  336. remove_onion_service blog ${FULLBLOG_ONION_PORT}
  337. sed -i '/install_blog/d' $COMPLETION_FILE
  338. sed -i '/Blog .*/d' $COMPLETION_FILE
  339. }
  340. function get_blog_admin_password {
  341. if [ -f /home/$MY_USERNAME/README ]; then
  342. if grep -q "Your blog password is" /home/$MY_USERNAME/README; then
  343. FULLBLOG_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Your blog password is" | awk -F ':' '{print $2}' | sed 's/^ *//')
  344. fi
  345. fi
  346. }
  347. function install_blog_social_networks {
  348. # set social networks
  349. if grep -q "social.hubzilla" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini; then
  350. sed -i "s|;social.hubzilla|social.hubzilla|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  351. sed -i "s|social.hubzilla.*|social.hubzilla = \"$HUBZILLA_DOMAIN_NAME\"|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  352. fi
  353. if grep -q "social.gnusocial" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini; then
  354. sed -i "s|;social.gnusocial|social.gnusocial|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  355. sed -i "s|social.gnusocial.*|social.gnusocial = \"$MICROBLOG_DOMAIN_NAME\"|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  356. fi
  357. # clear proprietary social network strings
  358. sed -i 's|social.facebook.*|social.facebook = ""|g' /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  359. sed -i 's|social.twitter.*|social.twitter = ""|g' /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  360. sed -i 's|social.google.*|social.google = ""|g' /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  361. }
  362. function install_blog_user {
  363. # create a user password
  364. function_check get_blog_admin_password
  365. get_blog_admin_password
  366. if [ ! $FULLBLOG_ADMIN_PASSWORD ]; then
  367. if [ -f $IMAGE_PASSWORD_FILE ]; then
  368. FULLBLOG_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
  369. else
  370. FULLBLOG_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
  371. fi
  372. echo '' >> /home/$MY_USERNAME/README
  373. echo '' >> /home/$MY_USERNAME/README
  374. echo $'HTMLy Blog' >> /home/$MY_USERNAME/README
  375. echo '==========' >> /home/$MY_USERNAME/README
  376. echo $"Your blog username: $MY_USERNAME" >> /home/$MY_USERNAME/README
  377. echo $"Your blog password is: $FULLBLOG_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
  378. if [[ $ONION_ONLY == 'no' ]]; then
  379. echo $"Log into your blog at https://$FULLBLOG_DOMAIN_NAME/login" >> /home/$MY_USERNAME/README
  380. fi
  381. chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
  382. chmod 600 /home/$MY_USERNAME/README
  383. fi
  384. # create a user
  385. FULLBLOG_ADMIN_PASSWORD_HASH=$(${PROJECT_NAME}-sec --bloghash "$FULLBLOG_ADMIN_PASSWORD")
  386. if [ ${#FULLBLOG_ADMIN_PASSWORD_HASH} -lt 8 ]; then
  387. echo $'Blog admin password could not be hashed'
  388. exit 625728
  389. fi
  390. echo ';Password' > /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
  391. echo "password = $FULLBLOG_ADMIN_PASSWORD_HASH" >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
  392. echo 'encryption = password_hash' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
  393. echo ';Role' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
  394. echo 'role = admin' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
  395. }
  396. function install_blog_settings {
  397. cp /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini.example /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  398. sed -i "s|site.url.*|site.url = '/'|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  399. sed -i "s|blog.title.*|blog.title = '$MY_BLOG_TITLE'|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  400. sed -i "s|blog.tagline.*|blog.tagline = '$MY_BLOG_SUBTITLE'|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  401. sed -i 's|timezone.*|timezone = "Europe/London"|g' /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  402. sed -i "s|Your name|$MY_NAME|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/config.ini
  403. }
  404. function install_blog_website {
  405. function_check nginx_http_redirect
  406. nginx_http_redirect $FULLBLOG_DOMAIN_NAME
  407. echo 'server {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  408. echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  409. echo " root /var/www/$FULLBLOG_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  410. echo " server_name $FULLBLOG_DOMAIN_NAME;" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  411. echo ' access_log off;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  412. echo " error_log /var/log/nginx/${FULLBLOG_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  413. echo ' index index.php;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  414. echo ' charset utf-8;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  415. echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  416. function_check nginx_ssl
  417. nginx_ssl $FULLBLOG_DOMAIN_NAME
  418. function_check nginx_disable_sniffing
  419. nginx_disable_sniffing $FULLBLOG_DOMAIN_NAME
  420. echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  421. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  422. echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  423. echo ' location / {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  424. function_check nginx_limits
  425. nginx_limits $FULLBLOG_DOMAIN_NAME
  426. echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  427. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  428. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  429. echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  430. echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  431. echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  432. echo ' allow all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  433. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  434. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  435. echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  436. echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  437. echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  438. echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  439. echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  440. echo ' expires 30d;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  441. echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  442. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  443. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  444. echo ' # block these file types' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  445. echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  446. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  447. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  448. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  449. echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  450. echo ' # or a unix socket' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  451. echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  452. echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  453. echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  454. echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  455. echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  456. echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  457. echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  458. echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  459. echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  460. echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  461. echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  462. echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  463. echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  464. echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  465. echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  466. echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  467. echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  468. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  469. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  470. echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  471. echo ' location ~ /\. {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  472. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  473. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  474. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  475. echo ' #deny access to store' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  476. echo ' location ~ /store {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  477. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  478. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  479. echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  480. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  481. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  482. echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  483. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  484. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  485. echo '}' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  486. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  487. }
  488. function install_blog_website_onion {
  489. echo 'server {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  490. echo " listen 127.0.0.1:${FULLBLOG_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  491. echo " root /var/www/$FULLBLOG_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  492. echo " server_name $FULLBLOG_DOMAIN_NAME;" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  493. echo ' access_log off;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  494. echo " error_log /var/log/nginx/${FULLBLOG_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  495. echo ' index index.php;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  496. echo ' charset utf-8;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  497. echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  498. function_check nginx_disable_sniffing
  499. nginx_disable_sniffing $FULLBLOG_DOMAIN_NAME
  500. echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  501. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  502. echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  503. echo ' location / {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  504. function_check nginx_limits
  505. nginx_limits $FULLBLOG_DOMAIN_NAME
  506. echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  507. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  508. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  509. echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  510. echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  511. echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  512. echo ' allow all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  513. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  514. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  515. echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  516. echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  517. echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  518. echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  519. echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  520. echo ' expires 30d;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  521. echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  522. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  523. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  524. echo ' # block these file types' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  525. echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  526. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  527. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  528. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  529. echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  530. echo ' # or a unix socket' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  531. echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  532. function_check nginx_limits
  533. nginx_limits $FULLBLOG_DOMAIN_NAME
  534. echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  535. echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  536. echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  537. echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  538. echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  539. echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  540. echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  541. echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  542. echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  543. echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  544. echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  545. echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  546. echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  547. echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  548. echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  549. echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  550. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  551. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  552. echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  553. echo ' location ~ /\. {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  554. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  555. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  556. echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  557. echo ' #deny access to store' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  558. echo ' location ~ /store {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  559. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  560. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  561. echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  562. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  563. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  564. echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  565. echo ' deny all;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  566. echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  567. echo '}' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  568. }
  569. function install_blog_from_repo {
  570. if [ ! -d /var/www/$FULLBLOG_DOMAIN_NAME ]; then
  571. mkdir /var/www/$FULLBLOG_DOMAIN_NAME
  572. fi
  573. cd /var/www/$FULLBLOG_DOMAIN_NAME
  574. git_clone $FULLBLOG_REPO htdocs
  575. cd htdocs
  576. git checkout $FULLBLOG_COMMIT -b $FULLBLOG_COMMIT
  577. if ! grep -q "blog commit" $COMPLETION_FILE; then
  578. echo "blog commit:$FULLBLOG_COMMIT" >> $COMPLETION_FILE
  579. else
  580. sed -i "s/blog commit.*/blog commit:$FULLBLOG_COMMIT/g" $COMPLETION_FILE
  581. fi
  582. }
  583. function install_blog {
  584. if [ ! $ONION_ONLY ]; then
  585. ONION_ONLY='no'
  586. fi
  587. if [ ! $FULLBLOG_DOMAIN_NAME ]; then
  588. echo $'The blog domain name was not specified'
  589. exit 5062
  590. fi
  591. # for the avatar changing command
  592. apt-get -y install imagemagick
  593. function_check install_blog_from_repo
  594. install_blog_from_repo
  595. if [[ $ONION_ONLY == "no" ]]; then
  596. function_check install_blog_website
  597. install_blog_website
  598. else
  599. echo -n '' > /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
  600. fi
  601. function_check install_blog_website_onion
  602. install_blog_website_onion
  603. function_check create_site_certificate
  604. create_site_certificate $FULLBLOG_DOMAIN_NAME 'yes'
  605. function_check configure_php
  606. configure_php
  607. function_check install_blog_settings
  608. install_blog_settings
  609. function_check install_blog_social_networks
  610. install_blog_social_networks
  611. function_check install_blog_user
  612. install_blog_user
  613. chown -R www-data:www-data /var/www/$FULLBLOG_DOMAIN_NAME/htdocs
  614. FULLBLOG_ONION_HOSTNAME=$(add_onion_service blog 80 ${FULLBLOG_ONION_PORT})
  615. function_check nginx_ensite
  616. nginx_ensite $FULLBLOG_DOMAIN_NAME
  617. systemctl restart php5-fpm
  618. systemctl restart nginx
  619. if ! grep -q "Blog onion domain" /home/$MY_USERNAME/README; then
  620. echo $"Blog onion domain: ${FULLBLOG_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
  621. echo $"Log into your blog at https://${FULLBLOG_ONION_HOSTNAME}/login" >> /home/$MY_USERNAME/README
  622. echo '' >> /home/$MY_USERNAME/README
  623. chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
  624. chmod 600 /home/$MY_USERNAME/README
  625. fi
  626. function_check add_ddns_domain
  627. add_ddns_domain $FULLBLOG_DOMAIN_NAME
  628. if ! grep -q "blog domain:" $COMPLETION_FILE; then
  629. echo "blog domain:$FULLBLOG_DOMAIN_NAME" >> $COMPLETION_FILE
  630. fi
  631. }
  632. # NOTE: deliberately no exit 0