freedombone-app-radicale 25KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563
  1. #!/bin/bash
  2. #
  3. # .---. . .
  4. # | | |
  5. # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
  6. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
  7. # ' ' --' --' -' - -' ' ' -' -' -' ' - --'
  8. #
  9. # Freedom in the Cloud
  10. #
  11. # Radicale calendar system
  12. #
  13. # Configuration based upon:
  14. # https://gigacog.com/blog/2016/01/radicale-and-uwsgi-on-nginx-with-systemd
  15. #
  16. # License
  17. # =======
  18. #
  19. # Copyright (C) 2016 Bob Mottram <bob@freedombone.net>
  20. #
  21. # This program is free software: you can redistribute it and/or modify
  22. # it under the terms of the GNU Affero General Public License as published by
  23. # the Free Software Foundation, either version 3 of the License, or
  24. # (at your option) any later version.
  25. #
  26. # This program is distributed in the hope that it will be useful,
  27. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  28. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  29. # GNU Affero General Public License for more details.
  30. #
  31. # You should have received a copy of the GNU Affero General Public License
  32. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  33. VARIANTS='full full-vim'
  34. IN_DEFAULT_INSTALL=0
  35. SHOW_ON_ABOUT=1
  36. RADICALE_DOWNLOAD_URL='https://files.pythonhosted.org/packages/source/R/Radicale/Radicale-'
  37. RADICALE_VERSION='1.1.2'
  38. RADICALE_HASH='ebe22afb7fdcac45a5722a5b3037cc4bf261fc059beba31af7863894d2b840bc'
  39. RADICALE_PASSWORD=
  40. RADICALE_ONION_PORT=8106
  41. RADICALE_PORT=5232
  42. RADICALE_DIRECTORY='/etc/radicale'
  43. RADICALE_USERS=/var/www/radicale/users
  44. radicale_variables=(ONION_ONLY
  45. MY_USERNAME
  46. RADICALE_PASSWORD
  47. DEFAULT_DOMAIN_NAME)
  48. function remove_user_radicale {
  49. remove_username="$1"
  50. ${PROJECT_NAME}-pass -u $remove_username --rmapp radicale
  51. if grep -q "${remove_username}:" ${RADICALE_USERS}; then
  52. sed -i "/${remove_username}:/d" ${RADICALE_USERS}
  53. if [ -d /var/www/radicale/collections/${remove_username} ]; then
  54. rm -rf /var/www/radicale/collections/${remove_username}
  55. fi
  56. if [ -f /var/www/radicale/collections/${remove_username}.props ]; then
  57. rm /var/www/radicale/collections/${remove_username}.props
  58. fi
  59. systemctl restart radicale
  60. fi
  61. }
  62. function add_user_radicale {
  63. new_username="$1"
  64. new_user_password="$2"
  65. ${PROJECT_NAME}-pass -u $new_username -a radicale -p "$new_user_password"
  66. if [ ! -f ${RADICALE_USERS} ]; then
  67. touch ${RADICALE_USERS}
  68. fi
  69. if ! grep -q "$new_username:" ${RADICALE_USERS}; then
  70. htpasswd -bd ${RADICALE_USERS} "$new_username" "$new_user_password"
  71. echo '{"ICAL:calendar-color": "#9e50df"}' > /var/www/radicale/collections/${new_username}.props
  72. mkdir /var/www/radicale/collections/${new_username}
  73. echo '{"ICAL:calendar-color": "#de631a", "tag": "VCALENDAR"}' > /var/www/radicale/collections/${new_username}/calendar.props
  74. echo 'BEGIN:VCALENDAR' > /var/www/radicale/collections/${new_username}/calendar
  75. echo 'PRODID:-//Radicale//NONSGML Radicale Server//EN' >> /var/www/radicale/collections/${new_username}/calendar
  76. echo 'VERSION:2.0' >> /var/www/radicale/collections/${new_username}/calendar
  77. echo 'END:VCALENDAR' >> /var/www/radicale/collections/${new_username}/calendar
  78. chown -R www-data:www-data /var/www/radicale
  79. chmod -R 755 /var/www/radicale/*
  80. systemctl restart radicale
  81. fi
  82. echo '0'
  83. }
  84. function change_password_radicale {
  85. existing_username="$1"
  86. new_user_password="$2"
  87. ${PROJECT_NAME}-pass -u $existing_username -a radicale -p "$new_user_password"
  88. if grep -q "${existing_username}:" ${RADICALE_USERS}; then
  89. sed -i "/${existing_username}:/d" ${RADICALE_USERS}
  90. htpasswd -bd ${RADICALE_USERS} "$existing_username" "$new_user_password"
  91. systemctl reload radicale
  92. fi
  93. }
  94. function install_interactive_radicale {
  95. echo -n ''
  96. APP_INSTALLED=1
  97. }
  98. function reconfigure_radicale {
  99. rm $RADICALE_USERS
  100. rm -rf /var/www/radicale/collections/*
  101. rm -rf /var/log/radicale/*
  102. # create an admin password
  103. if [ -f $IMAGE_PASSWORD_FILE ]; then
  104. RADICALE_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
  105. else
  106. RADICALE_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
  107. fi
  108. add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"
  109. ${PROJECT_NAME}-pass -u $MY_USERNAME -a radicale -p "$RADICALE_PASSWORD"
  110. touch /var/log/radicale/radicale.log
  111. chown -R www-data:www-data /var/log/radicale
  112. }
  113. function upgrade_radicale {
  114. if [ ! -f /usr/local/bin/radicale ]; then
  115. return
  116. fi
  117. if ! grep -q "radicale version:" $COMPLETION_FILE; then
  118. return
  119. fi
  120. CURR_RADICALE_VERSION=$(get_completion_param "radicale version")
  121. if [[ "${CURR_RADICALE_VERSION}" == "${RADICALE_VERSION}" ]]; then
  122. return
  123. fi
  124. # get the source
  125. cd /var/www/radicale
  126. wget ${RADICALE_DOWNLOAD_URL}${RADICALE_VERSION}.tar.gz
  127. # check the hash
  128. hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')
  129. if [[ "$hash" != "$RADICALE_HASH" ]]; then
  130. echo $'radicale hash does not match'
  131. exit 638532
  132. fi
  133. tar -xzf Radicale-${RADICALE_VERSION}.tar.gz
  134. if [ ! -d Radicale-${RADICALE_VERSION} ]; then
  135. exit 73529
  136. fi
  137. rm Radicale-${RADICALE_VERSION}.tar.gz
  138. cd Radicale-${RADICALE_VERSION}
  139. # move the old command
  140. mv /usr/local/bin/radicale /usr/local/bin/radicale_previous
  141. # do the install
  142. python setup.py install
  143. # check for install success
  144. if [ ! -f /usr/local/bin/radicale ]; then
  145. mv /usr/local/bin/radicale_previous /usr/local/bin/radicale
  146. echo $'Radicale did not upgrade'
  147. exit 692353
  148. fi
  149. # remove the old source
  150. rm -rf Radicale-${CURR_RADICALE_VERSION}
  151. sed -i "s|radicale version.*|radicale version:$RADICALE_VERSION|g" ${COMPLETION_FILE}
  152. chown -R www-data:www-data /var/www/radicale
  153. systemctl restart radicale
  154. systemctl restart nginx
  155. }
  156. function backup_local_radicale {
  157. source_directory=${RADICALE_DIRECTORY}
  158. if [ -d $source_directory ]; then
  159. dest_directory=radicale
  160. function_check backup_directory_to_usb
  161. backup_directory_to_usb $source_directory $dest_directory
  162. fi
  163. source_directory=/var/www/radicale
  164. if [ -d $source_directory ]; then
  165. dest_directory=radicalewww
  166. function_check backup_directory_to_usb
  167. backup_directory_to_usb $source_directory $dest_directory
  168. fi
  169. }
  170. function restore_local_radicale {
  171. if [ -d ${RADICALE_DIRECTORY} ]; then
  172. temp_restore_dir=/root/tempradicale
  173. function_check restore_directory_from_usb
  174. restore_directory_from_usb $temp_restore_dir radicale
  175. cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}
  176. if [ ! "$?" = "0" ]; then
  177. function_check backup_unmount_drive
  178. backup_unmount_drive
  179. exit 46872
  180. fi
  181. rm -rf $temp_restore_dir
  182. temp_restore_dir=/root/tempradicalewww
  183. restore_directory_from_usb $temp_restore_dir radicalewww
  184. cp -r $temp_restore_dir/var/www/radicale/* /var/www/radicale
  185. if [ ! "$?" = "0" ]; then
  186. function_check backup_unmount_drive
  187. backup_unmount_drive
  188. exit 367363
  189. fi
  190. rm -rf $temp_restore_dir
  191. chown -R www-data:www-data /var/www/radicale
  192. systemctl restart radicale
  193. fi
  194. }
  195. function backup_remote_radicale {
  196. if [ -d ${RADICALE_DIRECTORY} ]; then
  197. echo $"Backing up the radicale settings"
  198. backup_directory_to_friend ${RADICALE_DIRECTORY} radicale
  199. backup_directory_to_friend /var/www/radicale radicalewww
  200. echo $"Backup of radicale settings complete"
  201. fi
  202. }
  203. function restore_remote_radicale {
  204. if [ -d ${RADICALE_DIRECTORY} ]; then
  205. temp_restore_dir=/root/tempradicale
  206. function_check restore_directory_from_friend
  207. restore_directory_from_friend $temp_restore_dir radicale
  208. cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}
  209. if [ ! "$?" = "0" ]; then
  210. exit 236746
  211. fi
  212. rm -rf $temp_restore_dir
  213. temp_restore_dir=/root/tempradicalewww
  214. restore_directory_from_friend $temp_restore_dir radicalewww
  215. cp -r $temp_restore_dir/var/www/radicale/* /var/www/radicale
  216. if [ ! "$?" = "0" ]; then
  217. exit 3674284
  218. fi
  219. rm -rf $temp_restore_dir
  220. chown -R www-data:www-data /var/www/radicale
  221. systemctl restart radicale
  222. fi
  223. }
  224. function remove_radicale {
  225. nginx_dissite radicale
  226. systemctl stop radicale
  227. systemctl stop uwsgi_rundir
  228. systemctl disable radicale
  229. systemctl disable uwsgi_rundir
  230. if [ -f /etc/systemd/system/uwsgi_rundir.service ]; then
  231. rm /etc/systemd/system/uwsgi_rundir.service
  232. fi
  233. if [ -f /etc/systemd/system/radicale.service ]; then
  234. rm /etc/systemd/system/radicale.service
  235. fi
  236. systemctl daemon-reload
  237. if [ -f /etc/nginx/sites-available/radicale ]; then
  238. rm /etc/nginx/sites-available/radicale
  239. fi
  240. if [ -f /usr/local/bin/uwsgi_rundir.sh ]; then
  241. rm /usr/local/bin/uwsgi_rundir.sh
  242. fi
  243. firewall_remove ${RADICALE_PORT} tcp
  244. groupdel -f radicale
  245. userdel -r radicale
  246. function_check remove_onion_service
  247. remove_onion_service radicale ${RADICALE_ONION_PORT}
  248. apt-get -yq remove --purge radicale python-radicale
  249. if [ -d ${RADICALE_DIRECTORY} ]; then
  250. rm -rf ${RADICALE_DIRECTORY}
  251. fi
  252. if [ -d /var/www/radicale ]; then
  253. rm -rf /var/www/radicale
  254. fi
  255. if [ -f /var/log/radicale/radicale.log ]; then
  256. rm -rf /var/log/radicale
  257. fi
  258. if [ -d /var/log/radicale ]; then
  259. rm -rf /var/log/radicale
  260. fi
  261. if [ -d /var/lib/radicale ]; then
  262. rm -rf /var/lib/radicale
  263. fi
  264. remove_completion_param install_radicale
  265. sed -i '/radicale/d' $COMPLETION_FILE
  266. sed -i '/# Start radicale/,/# End radicale/d' /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  267. systemctl restart nginx
  268. }
  269. function install_radicale {
  270. if [[ $ONION_ONLY == 'no' ]]; then
  271. # obtain a cert for the default domain
  272. if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
  273. echo $'Obtaining certificate for the main domain'
  274. create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
  275. fi
  276. fi
  277. apt-get -yq remove --purge radicale python-radicale
  278. useradd -c "Radicale system account" -d /var/www/radicale -m -r -g radicale radicale
  279. usermod -a -G www-data radicale
  280. groupadd radicale
  281. # create directories
  282. if [ ! -d /var/log/radicale ]; then
  283. mkdir /var/log/radicale
  284. fi
  285. if [ ! -f /var/log/radicale/radicale.log ]; then
  286. touch /var/log/radicale/radicale.log
  287. fi
  288. chown -R www-data:www-data /var/log/radicale
  289. apt-get -yq install python-setuptools apache2-utils
  290. if [ ! -d /var/www/radicale ]; then
  291. mkdir -p /var/www/radicale
  292. fi
  293. # get the source
  294. cd /var/www/radicale
  295. wget ${RADICALE_DOWNLOAD_URL}${RADICALE_VERSION}.tar.gz
  296. # check the hash
  297. hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')
  298. if [[ "$hash" != "$RADICALE_HASH" ]]; then
  299. echo $'radicale hash does not match'
  300. exit 638532
  301. fi
  302. tar -xzf Radicale-${RADICALE_VERSION}.tar.gz
  303. if [ ! -d Radicale-${RADICALE_VERSION} ]; then
  304. exit 623252
  305. fi
  306. rm Radicale-${RADICALE_VERSION}.tar.gz
  307. cd Radicale-${RADICALE_VERSION}
  308. python setup.py install
  309. if [ ! -f /usr/local/bin/radicale ]; then
  310. echo $'Radicale did not install'
  311. exit 7283554
  312. fi
  313. if [ ! -d ${RADICALE_DIRECTORY} ]; then
  314. mkdir ${RADICALE_DIRECTORY}
  315. fi
  316. if [ ! -d /var/www/radicale/collections ]; then
  317. mkdir -p /var/www/radicale/collections
  318. fi
  319. # create the configuration
  320. echo '[server]' > ${RADICALE_DIRECTORY}/config
  321. echo 'hosts=localhost:52322' >> ${RADICALE_DIRECTORY}/config
  322. echo 'ssl = False' >> ${RADICALE_DIRECTORY}/config
  323. echo 'daemon = False' >> ${RADICALE_DIRECTORY}/config
  324. echo 'base_prefix=/radicale/' >> ${RADICALE_DIRECTORY}/config
  325. echo '' >> ${RADICALE_DIRECTORY}/config
  326. echo '[storage]' >> ${RADICALE_DIRECTORY}/config
  327. echo 'type = filesystem' >> ${RADICALE_DIRECTORY}/config
  328. echo "filesystem_folder = /var/www/radicale/collections" >> ${RADICALE_DIRECTORY}/config
  329. echo '' >> ${RADICALE_DIRECTORY}/config
  330. echo '[well-known]' >> ${RADICALE_DIRECTORY}/config
  331. echo "caldav = '/%(user)s/caldav/'" >> ${RADICALE_DIRECTORY}/config
  332. echo "carddav = '/%(user)s/carddav/'" >> ${RADICALE_DIRECTORY}/config
  333. echo '' >> ${RADICALE_DIRECTORY}/config
  334. echo '#[auth]' >> ${RADICALE_DIRECTORY}/config
  335. echo '#imap_hostname = localhost' >> ${RADICALE_DIRECTORY}/config
  336. echo '#imap_port = 143' >> ${RADICALE_DIRECTORY}/config
  337. echo '#imap_ssl = False' >> ${RADICALE_DIRECTORY}/config
  338. echo '' >> ${RADICALE_DIRECTORY}/config
  339. echo '[logging]' >> ${RADICALE_DIRECTORY}/config
  340. echo 'debug = False' >> ${RADICALE_DIRECTORY}/config
  341. # create an admin password
  342. if [ ${#RADICALE_PASSWORD} -lt 8 ]; then
  343. if [ -f $IMAGE_PASSWORD_FILE ]; then
  344. RADICALE_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
  345. else
  346. RADICALE_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
  347. fi
  348. fi
  349. add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"
  350. echo '[Unit]' > /etc/systemd/system/radicale.service
  351. echo 'Description=Radicale CalDAV Server' >> /etc/systemd/system/radicale.service
  352. echo 'After=network.target' >> /etc/systemd/system/radicale.service
  353. echo '' >> /etc/systemd/system/radicale.service
  354. echo '[Service]' >> /etc/systemd/system/radicale.service
  355. echo 'Type=simple' >> /etc/systemd/system/radicale.service
  356. echo 'User=www-data' >> /etc/systemd/system/radicale.service
  357. echo 'Group=www-data' >> /etc/systemd/system/radicale.service
  358. echo "ExecStart=/usr/local/bin/radicale --config ${RADICALE_DIRECTORY}/config" >> /etc/systemd/system/radicale.service
  359. echo 'Restart=on-failure' >> /etc/systemd/system/radicale.service
  360. echo 'RestartSec=10' >> /etc/systemd/system/radicale.service
  361. echo '' >> /etc/systemd/system/radicale.service
  362. echo '[Install]' >> /etc/systemd/system/radicale.service
  363. echo 'WantedBy=multi-user.target' >> /etc/systemd/system/radicale.service
  364. addresses_str=$"Addresses"
  365. echo "{\"tag\": \"VADDRESSBOOK\", \"D:displayname\": \"${addresses_str}\"}" > /var/www/radicale/collections/addresses.props
  366. touch /var/www/radicale/collections/addresses
  367. if [ ! -d /var/lib/radicale ]; then
  368. mkdir /var/lib/radicale
  369. fi
  370. chown radicale:radicale /var/lib/radicale
  371. chown -R www-data:www-data /var/www/radicale
  372. chmod -R 755 /var/www/radicale
  373. chown -R www-data:www-data ${RADICALE_DIRECTORY}
  374. systemctl enable radicale
  375. systemctl start radicale
  376. if [ ! -f /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} ]; then
  377. # create a new site config
  378. RADICALE_ONION_HOSTNAME=$(add_onion_service radicale 80 ${RADICALE_ONION_PORT})
  379. if [[ $ONION_ONLY == 'no' ]]; then
  380. echo 'server {' > /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  381. echo " listen 443 ssl;" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  382. echo " listen [::]:443 ssl;" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  383. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  384. function_check nginx_ssl
  385. nginx_ssl ${DEFAULT_DOMAIN_NAME} mobile
  386. function_check nginx_disable_sniffing
  387. nginx_disable_sniffing ${DEFAULT_DOMAIN_NAME}
  388. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  389. echo " server_name ${DEFAULT_DOMAIN_NAME};" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  390. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  391. echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  392. echo ' error_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  393. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  394. echo ' # Start radicale' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  395. echo ' location @radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  396. echo ' auth_basic "Radicale";' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  397. echo ' auth_basic_user_file /var/www/radicale/users;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  398. echo ' proxy_pass http://localhost:52322;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  399. echo ' proxy_buffering off;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  400. echo ' proxy_set_header Host $host;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  401. echo ' proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  402. echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  403. echo ' proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  404. echo ' }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  405. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  406. echo ' location /radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  407. echo ' try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  408. echo ' }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  409. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  410. echo ' location /.well-known/carddav {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  411. echo ' try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  412. echo ' }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  413. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  414. echo ' location /.well-known/caldav {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  415. echo ' try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  416. echo ' }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  417. echo ' # End radicale' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  418. echo '}' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  419. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  420. else
  421. echo -n '' > /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  422. fi
  423. echo 'server {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  424. echo " listen localhost:${RADICALE_ONION_PORT} default_server;" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  425. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  426. echo " server_name ${RADICALE_ONION_HOSTNAME};" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  427. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  428. echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  429. echo ' error_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  430. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  431. echo ' # Start radicale' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  432. echo ' location @radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  433. echo ' auth_basic "Radicale";' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  434. echo ' auth_basic_user_file /var/www/radicale/users;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  435. echo ' proxy_pass http://localhost:52322;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  436. echo ' proxy_buffering off;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  437. echo ' proxy_set_header Host $host;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  438. echo ' proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  439. echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  440. echo ' proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  441. echo ' }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  442. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  443. echo ' location /radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  444. echo ' try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  445. echo ' }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  446. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  447. echo ' location /.well-known/carddav {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  448. echo ' try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  449. echo ' }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  450. echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  451. echo ' location /.well-known/caldav {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  452. echo ' try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  453. echo ' }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  454. echo ' # End radicale' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  455. echo '}' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  456. set_completion_param "radicale onion domain" "${RADICALE_ONION_HOSTNAME}"
  457. else
  458. # alter the existing site config
  459. if ! grep -q "# Start radicale" /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}; then
  460. sed -i '/]:443/a # Start radicale\n location @radicale {\n auth_basic "Radicale";\n auth_basic_user_file \/var\/www\/radicale\/users;\n proxy_pass http:\/\/localhost:52322;\n proxy_buffering off;\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n }\n\n location \/radicale {\n try_files $uri @radicale;\n }\n\n location \/.well-known\/carddav {\n try_files $uri @radicale;\n }\n\n location \/.well-known\/caldav {\n try_files $uri @radicale;\n }\n # End radicale' /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  461. sed -i '/listen localhost/a # Start radicale\n location @radicale {\n auth_basic "Radicale";\n auth_basic_user_file \/var\/www\/radicale\/users;\n proxy_pass http:\/\/localhost:52322;\n proxy_buffering off;\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n }\n\n location \/radicale {\n try_files $uri @radicale;\n }\n\n location \/.well-known\/carddav {\n try_files $uri @radicale;\n }\n\n location \/.well-known\/caldav {\n try_files $uri @radicale;\n }\n # End radicale' /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}
  462. fi
  463. fi
  464. # create a certificate
  465. if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
  466. if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then
  467. ${PROJECT_NAME}-addcert -h $DEFAULT_DOMAIN_NAME --dhkey ${DH_KEYLENGTH}
  468. check_certificates $DEFAULT_DOMAIN_NAME
  469. fi
  470. fi
  471. if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
  472. sed -i "s|radicale.crt|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale
  473. sed -i "s|radicale.pem|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale
  474. fi
  475. sed -i "s|radicale.key|${DEFAULT_DOMAIN_NAME}.key|g" /etc/nginx/sites-available/radicale
  476. sed -i "s|radicale.dhparam|${DEFAULT_DOMAIN_NAME}.dhparam|g" /etc/nginx/sites-available/radicale
  477. update_default_domain
  478. systemctl restart nginx
  479. ${PROJECT_NAME}-pass -u $MY_USERNAME -a radicale -p "$RADICALE_PASSWORD"
  480. # keep track of the version so we can check for upgrades
  481. if ! grep -q "radicale version:" ${COMPLETION_FILE}; then
  482. echo "radicale version:${RADICALE_VERSION}" >> ${COMPLETION_FILE}
  483. else
  484. sed -i "s|radicale version.*|radicale version:${RADICALE_VERSION}|g" ${COMPLETION_FILE}
  485. fi
  486. APP_INSTALLED=1
  487. }
  488. # NOTE: deliberately no exit 0