free
/
freedombone
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
6466 Commits
5 Branches
Tree: 46db0c6068
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '46db0c6068'
${ noResults }
freedombone/src/freedombone-app-radicale

freedombone-app-radicale 24KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559 
  1. #!/bin/bash

  2. #

  3. # .---.                  .              .

  4. # |                      |              |

  5. # |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.

  6. # |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'

  7. # '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'

  8. #

  9. #                    Freedom in the Cloud

  10. #

  11. # Radicale calendar system

  12. #

  13. # Configuration based upon:

  14. #   https://gigacog.com/blog/2016/01/radicale-and-uwsgi-on-nginx-with-systemd

  15. #

  16. # License

  17. # =======

  18. #

  19. # Copyright (C) 2016 Bob Mottram <bob@freedombone.net>

  20. #

  21. # This program is free software: you can redistribute it and/or modify

  22. # it under the terms of the GNU Affero General Public License as published by

  23. # the Free Software Foundation, either version 3 of the License, or

  24. # (at your option) any later version.

  25. #

  26. # This program is distributed in the hope that it will be useful,

  27. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  28. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  29. # GNU Affero General Public License for more details.

  30. #

  31. # You should have received a copy of the GNU Affero General Public License

  32. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  33. 

  34. VARIANTS='full full-vim'

  35. 

  36. IN_DEFAULT_INSTALL=0

  37. SHOW_ON_ABOUT=1

  38. 

  39. RADICALE_DOWNLOAD_URL='https://files.pythonhosted.org/packages/source/R/Radicale/Radicale-'

  40. RADICALE_VERSION='1.1.2'

  41. RADICALE_HASH='ebe22afb7fdcac45a5722a5b3037cc4bf261fc059beba31af7863894d2b840bc'

  42. RADICALE_PASSWORD=

  43. RADICALE_ONION_PORT=8106

  44. RADICALE_PORT=5232

  45. RADICALE_DIRECTORY='/etc/radicale'

  46. RADICALE_USERS=/var/www/radicale/users

  47. 

  48. radicale_variables=(ONION_ONLY

  49.                     MY_USERNAME

  50.                     RADICALE_PASSWORD

  51.                     DEFAULT_DOMAIN_NAME)

  52. 

  53. function remove_user_radicale {

  54.     remove_username="$1"

  55. 

  56.     ${PROJECT_NAME}-pass -u $remove_username --rmapp radicale

  57. 

  58.     if grep -q "${remove_username}:" ${RADICALE_USERS}; then

  59.         sed -i "/${remove_username}:/d" ${RADICALE_USERS}

  60.         if [ -d /var/www/radicale/collections/${remove_username} ]; then

  61.             rm -rf /var/www/radicale/collections/${remove_username}

  62.         fi

  63.         if [ -f /var/www/radicale/collections/${remove_username}.props ]; then

  64.             rm /var/www/radicale/collections/${remove_username}.props

  65.         fi

  66.         systemctl restart radicale

  67.     fi

  68. }

  69. 

  70. function add_user_radicale {

  71.     new_username="$1"

  72.     new_user_password="$2"

  73. 

  74.     ${PROJECT_NAME}-pass -u $new_username -a radicale -p "$new_user_password"

  75. 

  76.     if [ ! -f ${RADICALE_USERS} ]; then

  77.         touch ${RADICALE_USERS}

  78.     fi

  79. 

  80.     if ! grep -q "$new_username:" ${RADICALE_USERS}; then

  81.         htpasswd -bd ${RADICALE_USERS} "$new_username" "$new_user_password"

  82. 

  83.         echo '{"ICAL:calendar-color": "#9e50df"}' > /var/www/radicale/collections/${new_username}.props

  84.         mkdir /var/www/radicale/collections/${new_username}

  85.         echo '{"ICAL:calendar-color": "#de631a", "tag": "VCALENDAR"}' > /var/www/radicale/collections/${new_username}/calendar.props

  86.         echo 'BEGIN:VCALENDAR' > /var/www/radicale/collections/${new_username}/calendar

  87.         echo 'PRODID:-//Radicale//NONSGML Radicale Server//EN' >> /var/www/radicale/collections/${new_username}/calendar

  88.         echo 'VERSION:2.0' >> /var/www/radicale/collections/${new_username}/calendar

  89.         echo 'END:VCALENDAR' >> /var/www/radicale/collections/${new_username}/calendar

  90. 

  91.         chown -R www-data:www-data /var/www/radicale

  92.         chmod -R 755 /var/www/radicale/*

  93.         systemctl restart radicale

  94.     fi

  95.     echo '0'

  96. }

  97. 

  98. function change_password_radicale {

  99.     existing_username="$1"

  100.     new_user_password="$2"

  101. 

  102.     ${PROJECT_NAME}-pass -u $existing_username -a radicale -p "$new_user_password"

  103. 

  104.     if grep -q "${existing_username}:" ${RADICALE_USERS}; then

  105.         sed -i "/${existing_username}:/d" ${RADICALE_USERS}

  106.         htpasswd -bd ${RADICALE_USERS} "$existing_username" "$new_user_password"

  107.         systemctl reload radicale

  108.     fi

  109. }

  110. 

  111. function install_interactive_radicale {

  112.     echo -n ''

  113.     APP_INSTALLED=1

  114. }

  115. 

  116. function reconfigure_radicale {

  117.     rm $RADICALE_USERS

  118.     rm -rf /var/www/radicale/collections/*

  119.     rm -rf /var/log/radicale/*

  120. 

  121.     # create an admin password

  122.     if [ -f $IMAGE_PASSWORD_FILE ]; then

  123.         RADICALE_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"

  124.     else

  125.         RADICALE_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"

  126.     fi

  127.     add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"

  128. 

  129.     ${PROJECT_NAME}-pass -u $MY_USERNAME -a radicale -p "$RADICALE_PASSWORD"

  130. 

  131.     touch /var/log/radicale/radicale.log

  132.     chown -R www-data:www-data /var/log/radicale

  133. }

  134. 

  135. function upgrade_radicale {

  136.     if [ ! -f /usr/local/bin/radicale ]; then

  137.         return

  138.     fi

  139. 

  140.     if ! grep -q "radicale version:" $COMPLETION_FILE; then

  141.         return

  142.     fi

  143. 

  144.     CURR_RADICALE_VERSION=$(get_completion_param "radicale version")

  145.     if [[ "${CURR_RADICALE_VERSION}" == "${RADICALE_VERSION}" ]]; then

  146.         return

  147.     fi

  148. 

  149.     # get the source

  150.     cd /var/www/radicale

  151.     wget ${RADICALE_DOWNLOAD_URL}${RADICALE_VERSION}.tar.gz

  152. 

  153.     # check the hash

  154.     hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')

  155.     if [[ "$hash" != "$RADICALE_HASH" ]]; then

  156.         echo $'radicale hash does not match'

  157.         exit 638532

  158.     fi

  159. 

  160.     tar -xzf Radicale-${RADICALE_VERSION}.tar.gz

  161.     if [ ! -d Radicale-${RADICALE_VERSION} ]; then

  162.         exit 73529

  163.     fi

  164.     rm Radicale-${RADICALE_VERSION}.tar.gz

  165.     cd Radicale-${RADICALE_VERSION}

  166. 

  167.     # move the old command

  168.     mv /usr/local/bin/radicale /usr/local/bin/radicale_previous

  169. 

  170.     # do the install

  171.     python setup.py install

  172. 

  173.     # check for install success

  174.     if [ ! -f /usr/local/bin/radicale ]; then

  175.         mv /usr/local/bin/radicale_previous /usr/local/bin/radicale

  176.         echo $'Radicale did not upgrade'

  177.         exit 692353

  178.     fi

  179. 

  180.     # remove the old source

  181.     rm -rf Radicale-${CURR_RADICALE_VERSION}

  182. 

  183.     sed -i "s|radicale version.*|radicale version:$RADICALE_VERSION|g" ${COMPLETION_FILE}

  184.     chown -R www-data:www-data /var/www/radicale

  185.     systemctl restart radicale

  186.     systemctl restart nginx

  187. }

  188. 

  189. function backup_local_radicale {

  190.     source_directory=${RADICALE_DIRECTORY}

  191.     if [ -d $source_directory ]; then

  192.         dest_directory=radicale

  193.         function_check backup_directory_to_usb

  194.         backup_directory_to_usb $source_directory $dest_directory

  195.     fi

  196.     source_directory=/var/www/radicale

  197.     if [ -d $source_directory ]; then

  198.         dest_directory=radicalewww

  199.         function_check backup_directory_to_usb

  200.         backup_directory_to_usb $source_directory $dest_directory

  201.     fi

  202. }

  203. 

  204. function restore_local_radicale {

  205.     if [ -d ${RADICALE_DIRECTORY} ]; then

  206.         temp_restore_dir=/root/tempradicale

  207.         function_check restore_directory_from_usb

  208.         restore_directory_from_usb $temp_restore_dir radicale

  209.         cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  210.         if [ ! "$?" = "0" ]; then

  211.             function_check backup_unmount_drive

  212.             backup_unmount_drive

  213.             exit 46872

  214.         fi

  215.         rm -rf $temp_restore_dir

  216. 

  217.         temp_restore_dir=/root/tempradicalewww

  218.         restore_directory_from_usb $temp_restore_dir radicalewww

  219.         cp -r $temp_restore_dir/var/www/radicale/* /var/www/radicale

  220.         if [ ! "$?" = "0" ]; then

  221.             function_check backup_unmount_drive

  222.             backup_unmount_drive

  223.             exit 367363

  224.         fi

  225.         rm -rf $temp_restore_dir

  226.         chown -R www-data:www-data /var/www/radicale

  227. 

  228.         systemctl restart radicale

  229.     fi

  230. }

  231. 

  232. function backup_remote_radicale {

  233.     if [ -d ${RADICALE_DIRECTORY} ]; then

  234.         echo $"Backing up the radicale settings"

  235.         backup_directory_to_friend ${RADICALE_DIRECTORY} radicale

  236.         backup_directory_to_friend /var/www/radicale radicalewww

  237.         echo $"Backup of radicale settings complete"

  238.     fi

  239. }

  240. 

  241. function restore_remote_radicale {

  242.     if [ -d ${RADICALE_DIRECTORY} ]; then

  243.         temp_restore_dir=/root/tempradicale

  244.         function_check restore_directory_from_friend

  245.         restore_directory_from_friend $temp_restore_dir radicale

  246.         cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  247.         if [ ! "$?" = "0" ]; then

  248.             exit 236746

  249.         fi

  250.         rm -rf $temp_restore_dir

  251. 

  252.         temp_restore_dir=/root/tempradicalewww

  253.         restore_directory_from_friend $temp_restore_dir radicalewww

  254.         cp -r $temp_restore_dir/var/www/radicale/* /var/www/radicale

  255.         if [ ! "$?" = "0" ]; then

  256.             exit 3674284

  257.         fi

  258.         rm -rf $temp_restore_dir

  259.         chown -R www-data:www-data /var/www/radicale

  260. 

  261.         systemctl restart radicale

  262.     fi

  263. }

  264. 

  265. function remove_radicale {

  266.     nginx_dissite radicale

  267.     systemctl stop radicale

  268.     systemctl stop uwsgi_rundir

  269.     systemctl disable radicale

  270.     systemctl disable uwsgi_rundir

  271.     if [ -f /etc/systemd/system/uwsgi_rundir.service ]; then

  272.         rm /etc/systemd/system/uwsgi_rundir.service

  273.     fi

  274.     if [ -f /etc/systemd/system/radicale.service ]; then

  275.         rm /etc/systemd/system/radicale.service

  276.     fi

  277.     if [ -f /etc/nginx/sites-available/radicale ]; then

  278.         rm /etc/nginx/sites-available/radicale

  279.     fi

  280.     if [ -f /usr/local/bin/uwsgi_rundir.sh ]; then

  281.         rm /usr/local/bin/uwsgi_rundir.sh

  282.     fi

  283. 

  284.     firewall_remove ${RADICALE_PORT} tcp

  285.     deluser radicale

  286. 

  287.     function_check remove_onion_service

  288.     remove_onion_service radicale ${RADICALE_ONION_PORT}

  289. 

  290.     apt-get -yq remove --purge radicale python-radicale

  291.     if [ -d ${RADICALE_DIRECTORY} ]; then

  292.         rm -rf ${RADICALE_DIRECTORY}

  293.     fi

  294.     if [ -d /var/www/radicale ]; then

  295.         rm -rf /var/www/radicale

  296.     fi

  297.     if [ -f /var/log/radicale/radicale.log ]; then

  298.         rm -rf /var/log/radicale

  299.     fi

  300.     if [ -d /var/log/radicale ]; then

  301.         rm -rf /var/log/radicale

  302.     fi

  303.     if [ -d /var/lib/radicale ]; then

  304.         rm -rf /var/lib/radicale

  305.     fi

  306. 

  307.     remove_completion_param install_radicale

  308.     sed -i '/radicale/d' $COMPLETION_FILE

  309.     sed -i '/# Start radicale/,/# End radicale/d' /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  310.     systemctl restart nginx

  311. }

  312. 

  313. function install_radicale {

  314.     if [[ $ONION_ONLY == 'no' ]]; then

  315.         # obtain a cert for the default domain

  316.         if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then

  317.             echo $'Obtaining certificate for the main domain'

  318.             create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'

  319.         fi

  320.     fi

  321. 

  322.     apt-get -yq remove --purge radicale python-radicale

  323. 

  324.     useradd -c "Radicale system account" -d /var/www/radicale -m -r -g radicale radicale

  325.     usermod -a -G www-data radicale

  326. 

  327.     # create directories

  328.     if [ ! -d /var/log/radicale ]; then

  329.         mkdir /var/log/radicale

  330.     fi

  331.     if [ ! -f /var/log/radicale/radicale.log ]; then

  332.         touch /var/log/radicale/radicale.log

  333.     fi

  334.     chown -R www-data:www-data /var/log/radicale

  335. 

  336.     apt-get -yq install python-setuptools apache2-utils

  337. 

  338.     if [ ! -d /var/www/radicale ]; then

  339.         mkdir -p /var/www/radicale

  340.     fi

  341. 

  342.     # get the source

  343.     cd /var/www/radicale

  344.     wget ${RADICALE_DOWNLOAD_URL}${RADICALE_VERSION}.tar.gz

  345. 

  346.     # check the hash

  347.     hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')

  348.     if [[ "$hash" != "$RADICALE_HASH" ]]; then

  349.         echo $'radicale hash does not match'

  350.         exit 638532

  351.     fi

  352. 

  353.     tar -xzf Radicale-${RADICALE_VERSION}.tar.gz

  354.     if [ ! -d Radicale-${RADICALE_VERSION} ]; then

  355.         exit 623252

  356.     fi

  357.     rm Radicale-${RADICALE_VERSION}.tar.gz

  358.     cd Radicale-${RADICALE_VERSION}

  359.     python setup.py install

  360.     if [ ! -f /usr/local/bin/radicale ]; then

  361.         echo $'Radicale did not install'

  362.         exit 7283554

  363.     fi

  364. 

  365.     if [ ! -d ${RADICALE_DIRECTORY} ]; then

  366.         mkdir ${RADICALE_DIRECTORY}

  367.     fi

  368.     if [ ! -d /var/www/radicale/collections ]; then

  369.         mkdir -p /var/www/radicale/collections

  370.     fi

  371. 

  372.     # create the configuration

  373.     echo '[server]' >  ${RADICALE_DIRECTORY}/config

  374.     echo 'hosts=localhost:52322' >> ${RADICALE_DIRECTORY}/config

  375.     echo 'ssl = False' >> ${RADICALE_DIRECTORY}/config

  376.     echo 'daemon = False' >> ${RADICALE_DIRECTORY}/config

  377.     echo 'base_prefix=/radicale/' >> ${RADICALE_DIRECTORY}/config

  378.     echo '' >> ${RADICALE_DIRECTORY}/config

  379.     echo '[storage]' >> ${RADICALE_DIRECTORY}/config

  380.     echo 'type = filesystem' >> ${RADICALE_DIRECTORY}/config

  381.     echo "filesystem_folder = /var/www/radicale/collections" >> ${RADICALE_DIRECTORY}/config

  382.     echo '' >> ${RADICALE_DIRECTORY}/config

  383.     echo '[well-known]' >> ${RADICALE_DIRECTORY}/config

  384.     echo "caldav = '/%(user)s/caldav/'" >> ${RADICALE_DIRECTORY}/config

  385.     echo "carddav = '/%(user)s/carddav/'" >> ${RADICALE_DIRECTORY}/config

  386.     echo '' >> ${RADICALE_DIRECTORY}/config

  387.     echo '#[auth]' >> ${RADICALE_DIRECTORY}/config

  388.     echo '#imap_hostname = localhost' >> ${RADICALE_DIRECTORY}/config

  389.     echo '#imap_port = 143' >> ${RADICALE_DIRECTORY}/config

  390.     echo '#imap_ssl = False' >> ${RADICALE_DIRECTORY}/config

  391.     echo '' >> ${RADICALE_DIRECTORY}/config

  392.     echo '[logging]' >> ${RADICALE_DIRECTORY}/config

  393.     echo 'debug = False' >> ${RADICALE_DIRECTORY}/config

  394. 

  395.     # create an admin password

  396.     if [ ${#RADICALE_PASSWORD} -lt 8 ]; then

  397.         if [ -f $IMAGE_PASSWORD_FILE ]; then

  398.             RADICALE_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"

  399.         else

  400.             RADICALE_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"

  401.         fi

  402.     fi

  403.     add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"

  404. 

  405.     echo '[Unit]' > /etc/systemd/system/radicale.service

  406.     echo 'Description=Radicale CalDAV Server' >> /etc/systemd/system/radicale.service

  407.     echo 'After=network.target' >> /etc/systemd/system/radicale.service

  408.     echo '' >> /etc/systemd/system/radicale.service

  409.     echo '[Service]' >> /etc/systemd/system/radicale.service

  410.     echo 'Type=simple' >> /etc/systemd/system/radicale.service

  411.     echo 'User=www-data' >> /etc/systemd/system/radicale.service

  412.     echo 'Group=www-data' >> /etc/systemd/system/radicale.service

  413.     echo "ExecStart=/usr/local/bin/radicale --config ${RADICALE_DIRECTORY}/config" >> /etc/systemd/system/radicale.service

  414.     echo 'Restart=on-failure' >> /etc/systemd/system/radicale.service

  415.     echo 'RestartSec=10' >> /etc/systemd/system/radicale.service

  416.     echo '' >> /etc/systemd/system/radicale.service

  417.     echo '[Install]' >> /etc/systemd/system/radicale.service

  418.     echo 'WantedBy=multi-user.target' >> /etc/systemd/system/radicale.service

  419. 

  420.     addresses_str=$"Addresses"

  421.     echo "{\"tag\": \"VADDRESSBOOK\", \"D:displayname\": \"${addresses_str}\"}" > /var/www/radicale/collections/addresses.props

  422.     touch /var/www/radicale/collections/addresses

  423. 

  424.     if [ ! -d /var/lib/radicale ]; then

  425.         mkdir /var/lib/radicale

  426.     fi

  427.     chown radicale:radicale /var/lib/radicale

  428. 

  429.     chown -R www-data:www-data /var/www/radicale

  430.     chmod -R 755 /var/www/radicale

  431.     chown -R www-data:www-data ${RADICALE_DIRECTORY}

  432. 

  433.     systemctl enable radicale

  434.     systemctl start radicale

  435. 

  436.     if [ ! -f /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} ]; then

  437.         # create a new site config

  438.         RADICALE_ONION_HOSTNAME=$(add_onion_service radicale 80 ${RADICALE_ONION_PORT})

  439. 

  440.         if [[ $ONION_ONLY == 'no' ]]; then

  441.             echo 'server {' > /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  442.             echo "    listen 443 ssl;" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  443.             echo "    listen [::]:443 ssl;" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  444.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  445.             function_check nginx_ssl

  446.             nginx_ssl ${DEFAULT_DOMAIN_NAME} mobile

  447.             function_check nginx_disable_sniffing

  448.             nginx_disable_sniffing ${DEFAULT_DOMAIN_NAME}

  449.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  450.             echo "    server_name ${DEFAULT_DOMAIN_NAME};" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  451. 

  452.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  453.             echo '    access_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  454.             echo '    error_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  455.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  456.             echo '    # Start radicale' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  457.             echo '    location @radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  458.             echo '        auth_basic "Radicale";' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  459.             echo '        auth_basic_user_file /var/www/radicale/users;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  460.             echo '        proxy_pass http://localhost:52322;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  461.             echo '        proxy_buffering off;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  462.             echo '        proxy_set_header Host $host;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  463.             echo '        proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  464.             echo '        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  465.             echo '        proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  466.             echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  467.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  468.             echo '    location /radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  469.             echo '        try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  470.             echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  471.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  472.             echo '    location /.well-known/carddav {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  473.             echo '        try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  474.             echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  475.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  476.             echo '    location /.well-known/caldav {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  477.             echo '        try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  478.             echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  479.             echo '    # End radicale' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  480.             echo '}' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  481.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  482.         else

  483.             echo -n '' > /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  484.         fi

  485.         echo 'server {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  486.         echo "    listen localhost:${RADICALE_ONION_PORT} default_server;" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  487.         echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  488.         echo "    server_name ${RADICALE_ONION_HOSTNAME};" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  489.         echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  490.         echo '    access_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  491.         echo '    error_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  492.         echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  493.         echo '    # Start radicale' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  494.         echo '    location @radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  495.         echo '        auth_basic "Radicale";' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  496.         echo '        auth_basic_user_file /var/www/radicale/users;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  497.         echo '        proxy_pass http://localhost:52322;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  498.         echo '        proxy_buffering off;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  499.         echo '        proxy_set_header Host $host;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  500.         echo '        proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  501.         echo '        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  502.         echo '        proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  503.         echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  504.         echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  505.         echo '    location /radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  506.         echo '        try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  507.         echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  508.         echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  509.         echo '    location /.well-known/carddav {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  510.         echo '        try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  511.         echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  512.         echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  513.         echo '    location /.well-known/caldav {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  514.         echo '        try_files $uri @radicale;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  515.         echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  516.         echo '    # End radicale' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  517.         echo '}' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  518. 

  519.         set_completion_param "radicale onion domain" "${RADICALE_ONION_HOSTNAME}"

  520.     else

  521.         # alter the existing site config

  522.         if ! grep -q "# Start radicale" /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}; then

  523.             sed -i '/]:443/a    # Start radicale\n  location @radicale {\n    auth_basic "Radicale";\n    auth_basic_user_file \/var\/www\/radicale\/users;\n    proxy_pass http:\/\/localhost:52322;\n    proxy_buffering off;\n    proxy_set_header Host $host;\n    proxy_set_header X-Real-IP $remote_addr;\n    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n    proxy_set_header X-Forwarded-Proto $scheme;\n  }\n\n  location \/radicale {\n      try_files $uri @radicale;\n  }\n\n  location \/.well-known\/carddav {\n      try_files $uri @radicale;\n  }\n\n  location \/.well-known\/caldav {\n      try_files $uri @radicale;\n  }\n  # End radicale' /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  524.             sed -i '/listen localhost/a    # Start radicale\n  location @radicale {\n    auth_basic "Radicale";\n    auth_basic_user_file \/var\/www\/radicale\/users;\n    proxy_pass http:\/\/localhost:52322;\n    proxy_buffering off;\n    proxy_set_header Host $host;\n    proxy_set_header X-Real-IP $remote_addr;\n    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n    proxy_set_header X-Forwarded-Proto $scheme;\n  }\n\n  location \/radicale {\n      try_files $uri @radicale;\n  }\n\n  location \/.well-known\/carddav {\n      try_files $uri @radicale;\n  }\n\n  location \/.well-known\/caldav {\n      try_files $uri @radicale;\n  }\n  # End radicale' /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  525.         fi

  526.     fi

  527. 

  528.     # create a certificate

  529.     if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then

  530.         if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then

  531.             ${PROJECT_NAME}-addcert -h $DEFAULT_DOMAIN_NAME --dhkey ${DH_KEYLENGTH}

  532.             check_certificates $DEFAULT_DOMAIN_NAME

  533.         fi

  534.     fi

  535. 

  536.     if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then

  537.         sed -i "s|radicale.crt|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  538.         sed -i "s|radicale.pem|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  539.     fi

  540.     sed -i "s|radicale.key|${DEFAULT_DOMAIN_NAME}.key|g" /etc/nginx/sites-available/radicale

  541.     sed -i "s|radicale.dhparam|${DEFAULT_DOMAIN_NAME}.dhparam|g" /etc/nginx/sites-available/radicale

  542. 

  543.     update_default_domain

  544. 

  545.     systemctl restart nginx

  546. 

  547.     ${PROJECT_NAME}-pass -u $MY_USERNAME -a radicale -p "$RADICALE_PASSWORD"

  548. 

  549.     # keep track of the version so we can check for upgrades

  550.     if ! grep -q "radicale version:" ${COMPLETION_FILE}; then

  551.         echo "radicale version:${RADICALE_VERSION}" >> ${COMPLETION_FILE}

  552.     else

  553.         sed -i "s|radicale version.*|radicale version:${RADICALE_VERSION}|g" ${COMPLETION_FILE}

  554.     fi

  555. 

  556.     APP_INSTALLED=1

  557. }

  558. 

  559. # NOTE: deliberately no exit 0