free
/
freedombone
Volgen 1
Ster 0
Vork 0
Code Kwesties 0 Pull-aanvragen 0 Publicaties 0 Wiki Activiteit
9636 Commits
5 Branches
Tree: 3fe5830e02
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van '3fe5830e02'
${ noResults }
freedombone/src/freedombone-app-radicale

freedombone-app-radicale 21KB
Geschiedenis Ruw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589 
  1. #!/bin/bash

  2. #  _____               _           _

  3. # |   __|___ ___ ___ _| |___ _____| |_ ___ ___ ___

  4. # |   __|  _| -_| -_| . | . |     | . | . |   | -_|

  5. # |__|  |_| |___|___|___|___|_|_|_|___|___|_|_|___|

  6. #

  7. #                              Freedom in the Cloud

  8. #

  9. # Radicale calendar system

  10. #

  11. # Configuration based upon:

  12. #   https://gigacog.com/blog/2016/01/radicale-and-uwsgi-on-nginx-with-systemd

  13. #

  14. # License

  15. # =======

  16. #

  17. # Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>

  18. #

  19. # This program is free software: you can redistribute it and/or modify

  20. # it under the terms of the GNU Affero General Public License as published by

  21. # the Free Software Foundation, either version 3 of the License, or

  22. # (at your option) any later version.

  23. #

  24. # This program is distributed in the hope that it will be useful,

  25. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  26. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  27. # GNU Affero General Public License for more details.

  28. #

  29. # You should have received a copy of the GNU Affero General Public License

  30. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  31. 

  32. VARIANTS=''

  33. 

  34. IN_DEFAULT_INSTALL=0

  35. SHOW_ON_ABOUT=1

  36. 

  37. RADICALE_DOWNLOAD_URL='https://files.pythonhosted.org/packages/source/R/Radicale/Radicale-'

  38. RADICALE_VERSION='1.1.2'

  39. RADICALE_HASH='ebe22afb7fdcac45a5722a5b3037cc4bf261fc059beba31af7863894d2b840bc'

  40. RADICALE_PASSWORD=

  41. RADICALE_ONION_PORT=8106

  42. RADICALE_PORT=5232

  43. RADICALE_DIRECTORY='/etc/radicale'

  44. RADICALE_USERS=/var/www/radicale/users

  45. 

  46. radicale_variables=(ONION_ONLY

  47.                     MY_USERNAME

  48.                     RADICALE_PASSWORD

  49.                     DEFAULT_DOMAIN_NAME)

  50. 

  51. function logging_on_radicale {

  52.     echo -n ''

  53. }

  54. 

  55. function logging_off_radicale {

  56.     echo -n ''

  57. }

  58. 

  59. function remove_user_radicale {

  60.     remove_username="$1"

  61. 

  62.     "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp radicale

  63. 

  64.     if grep -q "${remove_username}:" ${RADICALE_USERS}; then

  65.         sed -i "/${remove_username}:/d" ${RADICALE_USERS}

  66.         if [ -d "/var/www/radicale/collections/${remove_username}" ]; then

  67.             rm -rf "/var/www/radicale/collections/${remove_username}"

  68.         fi

  69.         if [ -f "/var/www/radicale/collections/${remove_username}.props" ]; then

  70.             rm "/var/www/radicale/collections/${remove_username}.props"

  71.         fi

  72.         systemctl restart radicale

  73.     fi

  74. }

  75. 

  76. function add_user_radicale {

  77.     new_username="$1"

  78.     new_user_password="$2"

  79. 

  80.     "${PROJECT_NAME}-pass" -u "$new_username" -a radicale -p "$new_user_password"

  81. 

  82.     if [ ! -f ${RADICALE_USERS} ]; then

  83.         touch ${RADICALE_USERS}

  84.     fi

  85. 

  86.     if ! grep -q "$new_username:" ${RADICALE_USERS}; then

  87.         htpasswd -bd ${RADICALE_USERS} "$new_username" "$new_user_password"

  88. 

  89.         echo '{"ICAL:calendar-color": "#9e50df"}' > "/var/www/radicale/collections/${new_username}.props"

  90.         mkdir "/var/www/radicale/collections/${new_username}"

  91.         echo '{"ICAL:calendar-color": "#de631a", "tag": "VCALENDAR"}' > "/var/www/radicale/collections/${new_username}/calendar.props"

  92.         { echo 'BEGIN:VCALENDAR';

  93.           echo 'PRODID:-//Radicale//NONSGML Radicale Server//EN';

  94.           echo 'VERSION:2.0';

  95.           echo 'END:VCALENDAR'; } >> "/var/www/radicale/collections/${new_username}/calendar"

  96. 

  97.         chown -R www-data:www-data /var/www/radicale

  98.         chmod -R 755 /var/www/radicale/*

  99.         systemctl restart radicale

  100.     fi

  101.     echo '0'

  102. }

  103. 

  104. function change_password_radicale {

  105.     existing_username="$1"

  106.     new_user_password="$2"

  107. 

  108.     "${PROJECT_NAME}-pass" -u "$existing_username" -a radicale -p "$new_user_password"

  109. 

  110.     if grep -q "${existing_username}:" ${RADICALE_USERS}; then

  111.         sed -i "/${existing_username}:/d" ${RADICALE_USERS}

  112.         htpasswd -bd ${RADICALE_USERS} "$existing_username" "$new_user_password"

  113.         systemctl reload radicale

  114.     fi

  115. }

  116. 

  117. function install_interactive_radicale {

  118.     echo -n ''

  119.     APP_INSTALLED=1

  120. }

  121. 

  122. function reconfigure_radicale {

  123.     rm $RADICALE_USERS

  124.     rm -rf /var/www/radicale/collections/*

  125.     rm -rf /var/log/radicale/*

  126. 

  127.     # create an admin password

  128.     if [ -f "$IMAGE_PASSWORD_FILE" ]; then

  129.         RADICALE_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"

  130.     else

  131.         RADICALE_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"

  132.     fi

  133.     add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"

  134. 

  135.     "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a radicale -p "$RADICALE_PASSWORD"

  136. 

  137.     touch /var/log/radicale/radicale.log

  138.     chown -R www-data:www-data /var/log/radicale

  139. }

  140. 

  141. function upgrade_radicale {

  142.     if [ ! -f /usr/local/bin/radicale ]; then

  143.         return

  144.     fi

  145. 

  146.     if ! grep -q "radicale version:" "$COMPLETION_FILE"; then

  147.         return

  148.     fi

  149. 

  150.     CURR_RADICALE_VERSION=$(get_completion_param "radicale version")

  151.     if [[ "${CURR_RADICALE_VERSION}" == "${RADICALE_VERSION}" ]]; then

  152.         return

  153.     fi

  154. 

  155.     # get the source

  156.     cd /var/www/radicale || exit 62784628468

  157.     wget ${RADICALE_DOWNLOAD_URL}${RADICALE_VERSION}.tar.gz

  158. 

  159.     # check the hash

  160.     hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')

  161.     if [[ "$hash" != "$RADICALE_HASH" ]]; then

  162.         echo $'radicale hash does not match'

  163.         exit 638532

  164.     fi

  165. 

  166.     tar -xzf Radicale-${RADICALE_VERSION}.tar.gz

  167.     if [ ! -d Radicale-${RADICALE_VERSION} ]; then

  168.         exit 73529

  169.     fi

  170.     rm Radicale-${RADICALE_VERSION}.tar.gz

  171.     cd "Radicale-${RADICALE_VERSION}" || exit 264824684

  172. 

  173.     # move the old command

  174.     mv /usr/local/bin/radicale /usr/local/bin/radicale_previous

  175. 

  176.     # do the install

  177.     python setup.py install

  178. 

  179.     # check for install success

  180.     if [ ! -f /usr/local/bin/radicale ]; then

  181.         mv /usr/local/bin/radicale_previous /usr/local/bin/radicale

  182.         echo $'Radicale did not upgrade'

  183.         exit 692353

  184.     fi

  185. 

  186.     # remove the old source

  187.     rm -rf "Radicale-${CURR_RADICALE_VERSION}" || exit 6842684282

  188. 

  189.     sed -i "s|radicale version.*|radicale version:$RADICALE_VERSION|g" "${COMPLETION_FILE}"

  190.     chown -R www-data:www-data /var/www/radicale

  191.     systemctl restart radicale

  192.     systemctl restart nginx

  193. }

  194. 

  195. function backup_local_radicale {

  196.     source_directory=${RADICALE_DIRECTORY}

  197.     if [ -d $source_directory ]; then

  198.         dest_directory=radicale

  199.         function_check backup_directory_to_usb

  200.         backup_directory_to_usb $source_directory $dest_directory

  201.     fi

  202.     source_directory=/var/www/radicale

  203.     if [ -d $source_directory ]; then

  204.         dest_directory=radicalewww

  205.         function_check backup_directory_to_usb

  206.         backup_directory_to_usb $source_directory $dest_directory

  207.     fi

  208. }

  209. 

  210. function restore_local_radicale {

  211.     if [ -d ${RADICALE_DIRECTORY} ]; then

  212.         temp_restore_dir=/root/tempradicale

  213.         function_check restore_directory_from_usb

  214.         restore_directory_from_usb $temp_restore_dir radicale

  215.         if [ -d $temp_restore_dir${RADICALE_DIRECTORY} ]; then

  216.             cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  217.         else

  218.             cp -r $temp_restore_dir/* ${RADICALE_DIRECTORY}/

  219.         fi

  220.         # shellcheck disable=SC2181

  221.         if [ ! "$?" = "0" ]; then

  222.             function_check backup_unmount_drive

  223.             backup_unmount_drive

  224.             exit 46872

  225.         fi

  226.         rm -rf $temp_restore_dir

  227. 

  228.         temp_restore_dir=/root/tempradicalewww

  229.         restore_directory_from_usb $temp_restore_dir radicalewww

  230.         if [ -d $temp_restore_dir/var/www/radicale ]; then

  231.             cp -r $temp_restore_dir/var/www/radicale/* /var/www/radicale

  232.         else

  233.             cp -r $temp_restore_dir/* /var/www/radicale/*

  234.         fi

  235.         # shellcheck disable=SC2181

  236.         if [ ! "$?" = "0" ]; then

  237.             function_check backup_unmount_drive

  238.             backup_unmount_drive

  239.             exit 367363

  240.         fi

  241.         rm -rf $temp_restore_dir

  242.         chown -R www-data:www-data /var/www/radicale

  243. 

  244.         systemctl restart radicale

  245.     fi

  246. }

  247. 

  248. function backup_remote_radicale {

  249.     if [ -d ${RADICALE_DIRECTORY} ]; then

  250.         echo $"Backing up the radicale settings"

  251.         backup_directory_to_friend ${RADICALE_DIRECTORY} radicale

  252.         backup_directory_to_friend /var/www/radicale radicalewww

  253.         echo $"Backup of radicale settings complete"

  254.     fi

  255. }

  256. 

  257. function restore_remote_radicale {

  258.     if [ -d ${RADICALE_DIRECTORY} ]; then

  259.         temp_restore_dir=/root/tempradicale

  260.         function_check restore_directory_from_friend

  261.         restore_directory_from_friend $temp_restore_dir radicale

  262.         if [ -d $temp_restore_dir${RADICALE_DIRECTORY} ]; then

  263.             cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  264.         else

  265.             cp -r $temp_restore_dir/* ${RADICALE_DIRECTORY}/

  266.         fi

  267.         # shellcheck disable=SC2181

  268.         if [ ! "$?" = "0" ]; then

  269.             exit 236746

  270.         fi

  271.         rm -rf $temp_restore_dir

  272. 

  273.         temp_restore_dir=/root/tempradicalewww

  274.         restore_directory_from_friend $temp_restore_dir radicalewww

  275.         if [ -d $temp_restore_dir/var/www/radicale ]; then

  276.             cp -r $temp_restore_dir/var/www/radicale/* /var/www/radicale

  277.         else

  278.             cp -r $temp_restore_dir/* /var/www/radicale

  279.         fi

  280.         # shellcheck disable=SC2181

  281.         if [ ! "$?" = "0" ]; then

  282.             exit 3674284

  283.         fi

  284.         rm -rf $temp_restore_dir

  285.         chown -R www-data:www-data /var/www/radicale

  286. 

  287.         systemctl restart radicale

  288.     fi

  289. }

  290. 

  291. function remove_radicale {

  292.     nginx_dissite radicale

  293.     systemctl stop radicale

  294.     systemctl stop uwsgi_rundir

  295.     systemctl disable radicale

  296.     systemctl disable uwsgi_rundir

  297.     if [ -f /etc/systemd/system/uwsgi_rundir.service ]; then

  298.         rm /etc/systemd/system/uwsgi_rundir.service

  299.     fi

  300.     if [ -f /etc/systemd/system/radicale.service ]; then

  301.         rm /etc/systemd/system/radicale.service

  302.     fi

  303.     systemctl daemon-reload

  304.     if [ -f /etc/nginx/sites-available/radicale ]; then

  305.         rm /etc/nginx/sites-available/radicale

  306.     fi

  307.     if [ -f /usr/local/bin/uwsgi_rundir.sh ]; then

  308.         rm /usr/local/bin/uwsgi_rundir.sh

  309.     fi

  310. 

  311.     firewall_remove ${RADICALE_PORT} tcp

  312. 

  313.     groupdel -f radicale

  314.     userdel -r radicale

  315. 

  316.     function_check remove_onion_service

  317.     remove_onion_service radicale ${RADICALE_ONION_PORT}

  318. 

  319.     apt-get -yq remove --purge radicale python-radicale

  320.     if [ -d ${RADICALE_DIRECTORY} ]; then

  321.         rm -rf ${RADICALE_DIRECTORY}

  322.     fi

  323.     if [ -d /var/www/radicale ]; then

  324.         rm -rf /var/www/radicale

  325.     fi

  326.     if [ -f /var/log/radicale/radicale.log ]; then

  327.         rm -rf /var/log/radicale

  328.     fi

  329.     if [ -d /var/log/radicale ]; then

  330.         rm -rf /var/log/radicale

  331.     fi

  332.     if [ -d /var/lib/radicale ]; then

  333.         rm -rf /var/lib/radicale

  334.     fi

  335. 

  336.     remove_completion_param install_radicale

  337.     sed -i '/radicale/d' "$COMPLETION_FILE"

  338.     sed -i '/# Start radicale/,/# End radicale/d' "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  339.     systemctl restart nginx

  340. }

  341. 

  342. function install_radicale {

  343.     if [[ $ONION_ONLY == 'no' ]]; then

  344.         # obtain a cert for the default domain

  345.         if [[ "$(cert_exists "${DEFAULT_DOMAIN_NAME}" pem)" == "0" ]]; then

  346.             echo $'Obtaining certificate for the main domain'

  347.             create_site_certificate "${DEFAULT_DOMAIN_NAME}" 'yes'

  348.         fi

  349.     fi

  350. 

  351.     apt-get -yq remove --purge radicale python-radicale

  352. 

  353.     useradd -c "Radicale system account" -d /var/www/radicale -m -r -g radicale radicale

  354.     usermod -a -G www-data radicale

  355.     groupadd radicale

  356. 

  357.     # create directories

  358.     if [ ! -d /var/log/radicale ]; then

  359.         mkdir /var/log/radicale

  360.     fi

  361.     if [ ! -f /var/log/radicale/radicale.log ]; then

  362.         touch /var/log/radicale/radicale.log

  363.     fi

  364.     chown -R www-data:www-data /var/log/radicale

  365. 

  366.     apt-get -yq install python-setuptools apache2-utils

  367. 

  368.     if [ ! -d /var/www/radicale ]; then

  369.         mkdir -p /var/www/radicale

  370.     fi

  371. 

  372.     # get the source

  373.     cd /var/www/radicale || exit 462874628

  374.     wget ${RADICALE_DOWNLOAD_URL}${RADICALE_VERSION}.tar.gz

  375. 

  376.     # check the hash

  377.     hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')

  378.     if [[ "$hash" != "$RADICALE_HASH" ]]; then

  379.         echo $'radicale hash does not match'

  380.         exit 638532

  381.     fi

  382. 

  383.     tar -xzf Radicale-${RADICALE_VERSION}.tar.gz

  384.     if [ ! -d Radicale-${RADICALE_VERSION} ]; then

  385.         exit 623252

  386.     fi

  387.     rm Radicale-${RADICALE_VERSION}.tar.gz

  388.     cd "Radicale-${RADICALE_VERSION}" || exit 872462842

  389.     python setup.py install

  390.     if [ ! -f /usr/local/bin/radicale ]; then

  391.         echo $'Radicale did not install'

  392.         exit 7283554

  393.     fi

  394. 

  395.     if [ ! -d ${RADICALE_DIRECTORY} ]; then

  396.         mkdir ${RADICALE_DIRECTORY}

  397.     fi

  398.     if [ ! -d /var/www/radicale/collections ]; then

  399.         mkdir -p /var/www/radicale/collections

  400.     fi

  401. 

  402.     # create the configuration

  403.     { echo '[server]';

  404.       echo 'hosts=localhost:52322';

  405.       echo 'ssl = False';

  406.       echo 'daemon = False';

  407.       echo 'base_prefix=/radicale/';

  408.       echo '';

  409.       echo '[storage]';

  410.       echo 'type = filesystem';

  411.       echo "filesystem_folder = /var/www/radicale/collections";

  412.       echo '';

  413.       echo '[well-known]';

  414.       echo "caldav = '/%(user)s/caldav/'";

  415.       echo "carddav = '/%(user)s/carddav/'";

  416.       echo '';

  417.       echo '#[auth]';

  418.       echo '#imap_hostname = localhost';

  419.       echo '#imap_port = 143';

  420.       echo '#imap_ssl = False';

  421.       echo '';

  422.       echo '[logging]';

  423.       echo 'debug = False'; } > "${RADICALE_DIRECTORY}/config"

  424. 

  425.     # create an admin password

  426.     if [ ${#RADICALE_PASSWORD} -lt 8 ]; then

  427.         if [ -f "$IMAGE_PASSWORD_FILE" ]; then

  428.             RADICALE_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"

  429.         else

  430.             RADICALE_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"

  431.         fi

  432.     fi

  433.     add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"

  434. 

  435.     { echo '[Unit]';

  436.       echo 'Description=Radicale CalDAV Server';

  437.       echo 'After=network.target';

  438.       echo '';

  439.       echo '[Service]';

  440.       echo 'Type=simple';

  441.       echo 'User=www-data';

  442.       echo 'Group=www-data';

  443.       echo "ExecStart=/usr/local/bin/radicale --config ${RADICALE_DIRECTORY}/config";

  444.       echo 'Restart=on-failure';

  445.       echo 'RestartSec=10';

  446.       echo '';

  447.       echo '[Install]';

  448.       echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/radicale.service

  449. 

  450.     addresses_str=$"Addresses"

  451.     echo "{\"tag\": \"VADDRESSBOOK\", \"D:displayname\": \"${addresses_str}\"}" > /var/www/radicale/collections/addresses.props

  452.     touch /var/www/radicale/collections/addresses

  453. 

  454.     if [ ! -d /var/lib/radicale ]; then

  455.         mkdir /var/lib/radicale

  456.     fi

  457.     chown radicale:radicale /var/lib/radicale

  458. 

  459.     chown -R www-data:www-data /var/www/radicale

  460.     chmod -R 755 /var/www/radicale

  461.     chown -R www-data:www-data ${RADICALE_DIRECTORY}

  462. 

  463.     systemctl enable radicale

  464.     systemctl start radicale

  465. 

  466.     if [ ! -f "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}" ]; then

  467.         # create a new site config

  468.         RADICALE_ONION_HOSTNAME=$(add_onion_service radicale 80 ${RADICALE_ONION_PORT})

  469. 

  470.         if [[ $ONION_ONLY == 'no' ]]; then

  471.             { echo 'server {';

  472.               echo "    listen 443 ssl;";

  473.               echo "    #listen [::]:443 ssl;";

  474.               echo ''; } > "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  475.             function_check nginx_ssl

  476.             nginx_ssl "${DEFAULT_DOMAIN_NAME}" mobile

  477.             function_check nginx_security_options

  478.             nginx_security_options "${DEFAULT_DOMAIN_NAME}"

  479.             { echo '';

  480.               echo "    server_name ${DEFAULT_DOMAIN_NAME};";

  481. 

  482.               echo '';

  483.               echo '    access_log /dev/null;';

  484.               echo '    error_log /dev/null;';

  485.               echo '';

  486.               echo '    # Start radicale';

  487.               echo '    location @radicale {';

  488.               echo '        auth_basic "Radicale";';

  489.               echo '        auth_basic_user_file /var/www/radicale/users;';

  490.               echo '        proxy_pass http://localhost:52322;';

  491.               echo '        proxy_buffering off;';

  492.               echo "        proxy_set_header Host \$host;";

  493.               echo "        proxy_set_header X-Real-IP \$remote_addr;";

  494.               echo "        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";

  495.               echo "        proxy_set_header X-Forwarded-Proto \$scheme;";

  496.               echo '    }';

  497.               echo '';

  498.               echo '    location /radicale {';

  499.               echo "        try_files \$uri @radicale;";

  500.               echo '    }';

  501.               echo '';

  502.               echo '    location /.well-known/carddav {';

  503.               echo "        try_files \$uri @radicale;";

  504.               echo '    }';

  505.               echo '';

  506.               echo '    location /.well-known/caldav {';

  507.               echo "        try_files \$uri @radicale;";

  508.               echo '    }';

  509.               echo '    # End radicale';

  510.               echo '}';

  511.               echo ''; } >> "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  512.         else

  513.             echo -n '' > "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  514.         fi

  515.         { echo 'server {';

  516.           echo "    listen localhost:${RADICALE_ONION_PORT} default_server;";

  517.           echo '';

  518.           echo "    server_name ${RADICALE_ONION_HOSTNAME};";

  519.           echo '';

  520.           echo '    access_log /dev/null;';

  521.           echo '    error_log /dev/null;';

  522.           echo '';

  523.           echo '    # Start radicale';

  524.           echo '    location @radicale {';

  525.           echo '        auth_basic "Radicale";';

  526.           echo '        auth_basic_user_file /var/www/radicale/users;';

  527.           echo '        proxy_pass http://localhost:52322;';

  528.           echo '        proxy_buffering off;';

  529.           echo "        proxy_set_header Host \$host;";

  530.           echo "        proxy_set_header X-Real-IP \$remote_addr;";

  531.           echo "        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";

  532.           echo "        proxy_set_header X-Forwarded-Proto \$scheme;";

  533.           echo '    }';

  534.           echo '';

  535.           echo '    location /radicale {';

  536.           echo "        try_files \$uri @radicale;";

  537.           echo '    }';

  538.           echo '';

  539.           echo '    location /.well-known/carddav {';

  540.           echo "        try_files \$uri @radicale;";

  541.           echo '    }';

  542.           echo '';

  543.           echo '    location /.well-known/caldav {';

  544.           echo "        try_files \$uri @radicale;";

  545.           echo '    }';

  546.           echo '    # End radicale';

  547.           echo '}'; } >> "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  548. 

  549.         set_completion_param "radicale onion domain" "${RADICALE_ONION_HOSTNAME}"

  550.     else

  551.         # alter the existing site config

  552.         if ! grep -q "# Start radicale" "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"; then

  553.             sed -i "/]:443/a    # Start radicale\\n  location @radicale {\\n    auth_basic \"Radicale\";\\n    auth_basic_user_file \\/var\\/www\\/radicale\\/users;\\n    proxy_pass http:\\/\\/localhost:52322;\\n    proxy_buffering off;\\n    proxy_set_header Host \$host;\\n    proxy_set_header X-Real-IP \$remote_addr;\\n    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;\\n    proxy_set_header X-Forwarded-Proto \$scheme;\\n  }\\n\\n  location \\/radicale {\\n      try_files \$uri @radicale;\\n  }\\n\\n  location \\/.well-known\\/carddav {\\n      try_files \$uri @radicale;\\n  }\\n\\n  location \\/.well-known\\/caldav {\\n      try_files \$uri @radicale;\\n  }\\n  # End radicale" "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  554.             sed -i "/listen localhost/a    # Start radicale\\n  location @radicale {\\n    auth_basic \"Radicale\";\\n    auth_basic_user_file \\/var\\/www\\/radicale\\/users;\\n    proxy_pass http:\\/\\/localhost:52322;\\n    proxy_buffering off;\\n    proxy_set_header Host \$host;\\n    proxy_set_header X-Real-IP \$remote_addr;\\n    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;\\n    proxy_set_header X-Forwarded-Proto \$scheme;\\n  }\\n\\n  location \\/radicale {\\n      try_files \$uri @radicale;\\n  }\\n\\n  location \\/.well-known\\/carddav {\\n      try_files \$uri @radicale;\\n  }\\n\\n  location \\/.well-known\\/caldav {\\n      try_files \$uri @radicale;\\n  }\\n  # End radicale" "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  555.         fi

  556.     fi

  557. 

  558.     # create a certificate

  559.     if [ ! -f "/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" ]; then

  560.         if [ ! -f "/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt" ]; then

  561.             "${PROJECT_NAME}-addcert" -h "$DEFAULT_DOMAIN_NAME" --dhkey "${DH_KEYLENGTH}"

  562.             check_certificates "$DEFAULT_DOMAIN_NAME"

  563.         fi

  564.     fi

  565. 

  566.     if [ -f "/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" ]; then

  567.         sed -i "s|radicale.crt|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  568.         sed -i "s|radicale.pem|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  569.     fi

  570.     sed -i "s|radicale.key|${DEFAULT_DOMAIN_NAME}.key|g" /etc/nginx/sites-available/radicale

  571.     sed -i "s|radicale.dhparam|${DEFAULT_DOMAIN_NAME}.dhparam|g" /etc/nginx/sites-available/radicale

  572. 

  573.     update_default_domain

  574. 

  575.     systemctl restart nginx

  576. 

  577.     "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a radicale -p "$RADICALE_PASSWORD"

  578. 

  579.     # keep track of the version so we can check for upgrades

  580.     if ! grep -q "radicale version:" "${COMPLETION_FILE}"; then

  581.         echo "radicale version:${RADICALE_VERSION}" >> "${COMPLETION_FILE}"

  582.     else

  583.         sed -i "s|radicale version.*|radicale version:${RADICALE_VERSION}|g" "${COMPLETION_FILE}"

  584.     fi

  585. 

  586.     APP_INSTALLED=1

  587. }

  588. 

  589. # NOTE: deliberately no exit 0