freedombone-app-ghost 21KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567
  1. #!/bin/bash
  2. #
  3. # .---. . .
  4. # | | |
  5. # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
  6. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
  7. # ' ' --' --' -' - -' ' ' -' -' -' ' - --'
  8. #
  9. # Freedom in the Cloud
  10. #
  11. # Ghost blog
  12. #
  13. # License
  14. # =======
  15. #
  16. # Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
  17. #
  18. # This program is free software: you can redistribute it and/or modify
  19. # it under the terms of the GNU Affero General Public License as published by
  20. # the Free Software Foundation, either version 3 of the License, or
  21. # (at your option) any later version.
  22. #
  23. # This program is distributed in the hope that it will be useful,
  24. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  25. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  26. # GNU Affero General Public License for more details.
  27. #
  28. # You should have received a copy of the GNU Affero General Public License
  29. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  30. VARIANTS="full full-vim writer"
  31. IN_DEFAULT_INSTALL=0
  32. SHOW_ON_ABOUT=1
  33. GHOST_DOMAIN_NAME=
  34. GHOST_CODE=
  35. GHOST_ONION_PORT=8104
  36. GHOST_PORT=2368
  37. GHOST_VERSION='0.11.8'
  38. GHOST_HASH='244faad0b16eb1b90c8095f1e536db65299a3a2d85a20af76342be3707522b38'
  39. GHOST_DOWNLOAD_URL="https://github.com/TryGhost/Ghost/releases/download/${GHOST_VERSION}/Ghost-${GHOST_VERSION}.zip"
  40. ghost_variables=(GHOST_DOMAIN_NAME
  41. GHOST_CODE
  42. GHOST_ADMIN_PASSWORD
  43. ONION_ONLY
  44. DDNS_PROVIDER
  45. MY_USERNAME)
  46. function ghost_replace_jquery {
  47. sed -i "s|code.jquery.com/jquery-${previous_jquery_version}.min.js|$GHOST_DOMAIN_NAME/jquery-${jquery_version}.js|g" content/themes/casper/default.hbs
  48. sed -i "s|code.jquery.com/jquery-${previous_jquery_version}.min.js|$GHOST_DOMAIN_NAME/jquery-${jquery_version}.js|g" core/server/data/migration/fixtures/004/01-move-jquery-with-alert.js
  49. sed -i "s|code.jquery.com/jquery-${previous_jquery_version}.min.js|$GHOST_DOMAIN_NAME/jquery-${jquery_version}.js|g" node_modules/gscan/app/tpl/layouts/default.hbs
  50. }
  51. function ghost_remove_offsite_links {
  52. cd /var/www/$GHOST_DOMAIN_NAME/htdocs
  53. # remove google font links
  54. # Note that the privacy options in config.js aren't sufficient to remove Google's tentacles
  55. sed -i "s/fonts.googleapis.com/$GHOST_DOMAIN_NAME/g" content/themes/casper/default.hbs
  56. sed -i "s/fonts.googleapis.com/$GHOST_DOMAIN_NAME/g" core/server/apps/amp/lib/views/amp.hbs
  57. # copy jquery locally
  58. previous_jquery_version='1.12.0'
  59. jquery_version='1.12.4'
  60. if [ ! -f /var/www/$GHOST_DOMAIN_NAME/htdocs/jquery-${jquery_version}.js ]; then
  61. wget https://code.jquery.com/jquery-${jquery_version}.js
  62. jquery_hash=$(sha256sum jquery-${jquery_version}.js | awk -F ' ' '{print $1}')
  63. if [[ "$jquery_hash" != '430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575' ]]; then
  64. echo $'Unexpected jquery hash value'
  65. exit 258442
  66. fi
  67. fi
  68. ghost_replace_jquery
  69. previous_jquery_version='1.11.3'
  70. ghost_replace_jquery
  71. }
  72. function ghost_replace_proprietary_services {
  73. replace_file=$1
  74. sed -i 's|Twitter Profile|GNU Social Profile|g' $replace_file
  75. sed -i 's|Twitter Username|GNU Social Username|g' $replace_file
  76. sed -i 's|twitter.com|quitter.se|g' $replace_file
  77. sed -i 's|Facebook Page|Hubzilla Channel|g' $replace_file
  78. sed -i 's|www.facebook.com/username|hubzilladomain/username|g' $replace_file
  79. sed -i 's|www.facebook.com/ghost|hubzilladomain/username|g' $replace_file
  80. sed -i 's|www.facebook.com/testuser|hubzilladomain/username|g' $replace_file
  81. sed -i 's|www.facebook.com/testing|hubzilladomain/username|g' $replace_file
  82. sed -i 's|www.facebook.com/test|hubzilladomain/username|g' $replace_file
  83. sed -i 's|www.facebook.com/yourUsername|hubzilladomain/username|g' $replace_file
  84. sed -i 's|www.facebook.com/yourPage|hubzilladomain/username|g' $replace_file
  85. sed -i 's|Facebook Username|Hubzilla Channel|g' $replace_file
  86. sed -i 's|www.facebook.com|hubzilladomain|g' $replace_file
  87. sed -i 's|facebook value|hubzilla value|g' $replace_file
  88. sed -i '/<section class="share">/,/<\/section>/d' $replace_file
  89. }
  90. function ghost_replace_services {
  91. ghost_replace_proprietary_services /var/www/${GHOST_DOMAIN_NAME}/htdocs/core/built/assets/ghost.js
  92. ghost_replace_proprietary_services /var/www/${GHOST_DOMAIN_NAME}/htdocs/core/built/assets/ghost.min.js
  93. ghost_replace_proprietary_services /var/www/${GHOST_DOMAIN_NAME}/htdocs/content/themes/casper/post.hbs
  94. }
  95. function remove_user_ghost {
  96. remove_username="$1"
  97. }
  98. function add_user_ghost {
  99. if [[ $(app_is_installed ghost) == "0" ]]; then
  100. echo '0'
  101. return
  102. fi
  103. new_username="$1"
  104. new_user_password="$2"
  105. echo '0'
  106. }
  107. function install_interactive_ghost {
  108. if [ ! $ONION_ONLY ]; then
  109. ONION_ONLY='no'
  110. fi
  111. if [[ $ONION_ONLY != "no" ]]; then
  112. GHOST_DOMAIN_NAME='ghost.local'
  113. write_config_param "GHOST_DOMAIN_NAME" "$GHOST_DOMAIN_NAME"
  114. else
  115. function_check interactive_site_details
  116. interactive_site_details "ghost" "GHOST_DOMAIN_NAME" "GHOST_CODE"
  117. fi
  118. APP_INSTALLED=1
  119. }
  120. function change_password_ghost {
  121. GHOST_USERNAME="$1"
  122. GHOST_PASSWORD="$2"
  123. if [ ${#GHOST_PASSWORD} -lt 8 ]; then
  124. echo $'Ghost password is too short'
  125. return
  126. fi
  127. #${PROJECT_NAME}-pass -u $GHOST_USERNAME -a ghost -p "$GHOST_PASSWORD"
  128. }
  129. function reconfigure_ghost {
  130. echo -n ''
  131. }
  132. function upgrade_ghost {
  133. if [ ! -d /var/www/$GHOST_DOMAIN_NAME/htdocs ]; then
  134. return
  135. fi
  136. if ! grep -q "ghost version:" $COMPLETION_FILE; then
  137. CURR_GHOST_VERSION=${GHOST_VERSION}b
  138. else
  139. CURR_GHOST_VERSION=$(get_completion_param "ghost version")
  140. fi
  141. if [[ "$GHOST_VERSION" == "$CURR_GHOST_VERSION" ]]; then
  142. return
  143. fi
  144. read_config_param "GHOST_DOMAIN_NAME"
  145. GHOST_PATH=/var/www/$GHOST_DOMAIN_NAME/htdocs
  146. cd $GHOST_PATH
  147. if [ ! -f ghost-${GHOST_VERSION}.zip ]; then
  148. wget ${GHOST_DOWNLOAD_URL}
  149. fi
  150. if [ ! -f Ghost-${GHOST_VERSION}.zip ]; then
  151. echo $'Unable to download ghost'
  152. exit 367245
  153. fi
  154. # check the hash
  155. hash=$(sha256sum Ghost-${GHOST_VERSION}.zip | awk -F ' ' '{print $1}')
  156. if [[ "$hash" != "$GHOST_HASH" ]]; then
  157. echo $'ghost hash does not match'
  158. exit 729856
  159. fi
  160. unzip -o Ghost-${GHOST_VERSION}.zip
  161. if [ ! -f $GHOST_PATH/index.js ]; then
  162. echo $'ghost failed to unzip'
  163. exit 63835
  164. fi
  165. sed -i "/sqlite/d" $GHOST_PATH/package.json
  166. npm install --production
  167. chown -R ghost: $GHOST_PATH/
  168. ghost_replace_services
  169. chown -R ghost: /var/www/${GHOST_DOMAIN_NAME}/htdocs
  170. ghost_remove_offsite_links
  171. sed -i "s|ghost version.*|ghost version:${GHOST_VERSION}|g" ${COMPLETION_FILE}
  172. systemctl restart ghost
  173. }
  174. function backup_local_ghost {
  175. GHOST_DOMAIN_NAME='ghost.local'
  176. if grep -q "ghost domain" $COMPLETION_FILE; then
  177. GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
  178. fi
  179. ghost_path=/var/www/${GHOST_DOMAIN_NAME}/htdocs
  180. if [ -d $ghost_path ]; then
  181. function_check backup_database_to_usb
  182. backup_database_to_usb ghost
  183. backup_directory_to_usb $ghost_path ghost
  184. restart_site
  185. fi
  186. }
  187. function restore_local_ghost {
  188. GHOST_DOMAIN_NAME='ghost.local'
  189. if grep -q "ghost domain" $COMPLETION_FILE; then
  190. GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
  191. fi
  192. if [ $GHOST_DOMAIN_NAME ]; then
  193. systemctl stop ghost
  194. function_check ghost_create_database
  195. ghost_create_database
  196. function_check restore_database
  197. restore_database ghost ${GHOST_DOMAIN_NAME}
  198. systemctl start ghost
  199. restart_site
  200. fi
  201. }
  202. function backup_remote_ghost {
  203. GHOST_DOMAIN_NAME='ghost.local'
  204. if grep -q "ghost domain" $COMPLETION_FILE; then
  205. GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
  206. fi
  207. temp_backup_dir=/var/www/${GHOST_DOMAIN_NAME}/htdocs
  208. if [ -d $temp_backup_dir ]; then
  209. suspend_site ${GHOST_DOMAIN_NAME}
  210. backup_database_to_friend ghost
  211. backup_directory_to_friend $temp_backup_dir ghost
  212. restart_site
  213. else
  214. echo $"Ghost domain specified but not found in /var/www/${GHOST_DOMAIN_NAME}"
  215. exit 2578
  216. fi
  217. }
  218. function restore_remote_ghost {
  219. GHOST_DOMAIN_NAME='ghost.local'
  220. if grep -q "ghost domain" $COMPLETION_FILE; then
  221. GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
  222. fi
  223. systemctl stop ghost
  224. function_check get_mariadb_password
  225. get_mariadb_password
  226. function_check restore_database_from_friend
  227. function_check ghost_create_database
  228. ghost_create_database
  229. restore_database_from_friend ghost ${GHOST_DOMAIN_NAME}
  230. systemctl start ghost
  231. restart_site
  232. chown -R ghost: /var/www/$GHOST_DOMAIN_NAME/htdocs/
  233. }
  234. function remove_ghost {
  235. if [ ${#GHOST_DOMAIN_NAME} -eq 0 ]; then
  236. return
  237. fi
  238. systemctl stop ghost
  239. systemctl disable ghost
  240. rm /etc/systemd/system/ghost.service
  241. function_check remove_nodejs
  242. remove_nodejs ghost
  243. drop_database ghost
  244. remove_backup_database_local ghost
  245. read_config_param "GHOST_DOMAIN_NAME"
  246. nginx_dissite $GHOST_DOMAIN_NAME
  247. remove_certs ${GHOST_DOMAIN_NAME}
  248. deluser --remove-all-files ghost
  249. if [ -f /etc/nginx/sites-available/$GHOST_DOMAIN_NAME ]; then
  250. rm -f /etc/nginx/sites-available/$GHOST_DOMAIN_NAME
  251. fi
  252. if [ -d /var/www/$GHOST_DOMAIN_NAME ]; then
  253. rm -rf /var/www/$GHOST_DOMAIN_NAME
  254. fi
  255. remove_config_param GHOST_DOMAIN_NAME
  256. remove_config_param GHOST_CODE
  257. function_check remove_onion_service
  258. remove_onion_service ghost ${GHOST_ONION_PORT}
  259. remove_completion_param "install_ghost"
  260. sed -i '/Ghost/d' $COMPLETION_FILE
  261. sed -i '/ghost/d' $COMPLETION_FILE
  262. function_check remove_ddns_domain
  263. remove_ddns_domain $GHOST_DOMAIN_NAME
  264. }
  265. function ghost_create_config {
  266. ghost_config=/var/www/${GHOST_DOMAIN_NAME}/htdocs/config.js
  267. echo "var path = require('path')," > $ghost_config
  268. echo ' config;' >> $ghost_config
  269. echo '' >> $ghost_config
  270. echo 'config = {' >> $ghost_config
  271. echo ' production: {' >> $ghost_config
  272. echo ' // This needs to be http and NOT https' >> $ghost_config
  273. echo " url: 'http://${GHOST_DOMAIN_NAME}'," >> $ghost_config
  274. echo ' mail: {' >> $ghost_config
  275. echo " transport: 'SMTP'," >> $ghost_config
  276. echo ' options: {' >> $ghost_config
  277. echo " service: 'Sendmail'," >> $ghost_config
  278. echo ' }' >> $ghost_config
  279. echo ' },' >> $ghost_config
  280. echo ' database: {' >> $ghost_config
  281. echo " client: 'mysql'," >> $ghost_config
  282. echo ' connection: {' >> $ghost_config
  283. echo " host : '127.0.0.1'," >> $ghost_config
  284. echo " user : 'root'," >> $ghost_config
  285. echo " password : '${MARIADB_PASSWORD}'," >> $ghost_config
  286. echo " database : 'ghost'," >> $ghost_config
  287. echo " charset : 'utf8'" >> $ghost_config
  288. echo ' }' >> $ghost_config
  289. echo ' },' >> $ghost_config
  290. echo '' >> $ghost_config
  291. echo ' server: {' >> $ghost_config
  292. echo " host: '127.0.0.1'," >> $ghost_config
  293. echo " port: '${GHOST_PORT}'" >> $ghost_config
  294. echo ' },' >> $ghost_config
  295. echo ' privacy: {' >> $ghost_config
  296. echo ' useTinfoil: true,' >> $ghost_config
  297. echo ' },' >> $ghost_config
  298. echo ' logging: false' >> $ghost_config
  299. echo ' }' >> $ghost_config
  300. echo '};' >> $ghost_config
  301. echo '' >> $ghost_config
  302. echo 'module.exports = config;' >> $ghost_config
  303. chmod 700 $ghost_config
  304. }
  305. function ghost_create_database {
  306. if [ -f ${IMAGE_PASSWORD_FILE} ]; then
  307. GIT_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
  308. else
  309. if [ ! ${GIT_ADMIN_PASSWORD} ]; then
  310. GIT_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
  311. fi
  312. fi
  313. if [ ! $GIT_ADMIN_PASSWORD ]; then
  314. return
  315. fi
  316. function_check get_mariadb_password
  317. get_mariadb_password
  318. function_check create_database
  319. create_database ghost "$GHOST_ADMIN_PASSWORD"
  320. }
  321. function install_ghost {
  322. if [ ! $ONION_ONLY ]; then
  323. ONION_ONLY='no'
  324. fi
  325. if [ ! $GHOST_DOMAIN_NAME ]; then
  326. echo $'The ghost domain name was not specified'
  327. exit 5062
  328. fi
  329. # for the avatar changing command
  330. apt-get -yq install unzip wget
  331. if [ ! -d /var/www/$GHOST_DOMAIN_NAME/htdocs ]; then
  332. mkdir -p /var/www/$GHOST_DOMAIN_NAME/htdocs
  333. fi
  334. cd /var/www/$GHOST_DOMAIN_NAME/htdocs
  335. wget ${GHOST_DOWNLOAD_URL}
  336. if [ ! -f Ghost-${GHOST_VERSION}.zip ]; then
  337. echo $'Unable to download ghost'
  338. rm -rf /var/www/$GHOST_DOMAIN_NAME
  339. exit 63892
  340. fi
  341. # check the hash
  342. hash=$(sha256sum Ghost-${GHOST_VERSION}.zip | awk -F ' ' '{print $1}')
  343. if [[ "$hash" != "$GHOST_HASH" ]]; then
  344. echo $'ghost hash does not match'
  345. exit 729856
  346. fi
  347. unzip -o Ghost-${GHOST_VERSION}.zip
  348. if [ ! -f /var/www/${GHOST_DOMAIN_NAME}/htdocs/index.js ]; then
  349. echo $'ghost failed to unzip'
  350. rm -rf /var/www/$GHOST_DOMAIN_NAME
  351. exit 63835
  352. fi
  353. function_check install_nodejs
  354. install_nodejs ghost
  355. sed -i "/sqlite/d" /var/www/${GHOST_DOMAIN_NAME}/htdocs/package.json
  356. npm install --production
  357. function_check install_mariadb
  358. install_mariadb
  359. function_check get_mariadb_password
  360. get_mariadb_password
  361. function_check ghost_create_database
  362. ghost_create_database
  363. ghost_create_config
  364. adduser --system --home=/var/www/${GHOST_DOMAIN_NAME}/htdocs/ --group ghost
  365. chown -R ghost: /var/www/${GHOST_DOMAIN_NAME}/htdocs/
  366. echo '[Unit]' > /etc/systemd/system/ghost.service
  367. echo 'Description=Ghost Blog' >> /etc/systemd/system/ghost.service
  368. echo 'After=syslog.target' >> /etc/systemd/system/ghost.service
  369. echo 'After=network.target' >> /etc/systemd/system/ghost.service
  370. echo 'After=mysqld.service' >> /etc/systemd/system/ghost.service
  371. echo '' >> /etc/systemd/system/ghost.service
  372. echo '[Service]' >> /etc/systemd/system/ghost.service
  373. echo 'Type=simple' >> /etc/systemd/system/ghost.service
  374. echo 'User=ghost' >> /etc/systemd/system/ghost.service
  375. echo 'Group=ghost' >> /etc/systemd/system/ghost.service
  376. echo "WorkingDirectory=/var/www/${GHOST_DOMAIN_NAME}/htdocs" >> /etc/systemd/system/ghost.service
  377. echo "ExecStart=/usr/local/bin/node /var/www/${GHOST_DOMAIN_NAME}/htdocs/index.js" >> /etc/systemd/system/ghost.service
  378. echo 'Restart=always' >> /etc/systemd/system/ghost.service
  379. echo 'RestartSec=60' >> /etc/systemd/system/ghost.service
  380. echo "Environment=NODE_ENV=production PORT=${GHOST_PORT}" >> /etc/systemd/system/ghost.service
  381. echo '' >> /etc/systemd/system/ghost.service
  382. echo '[Install]' >> /etc/systemd/system/ghost.service
  383. echo 'WantedBy=multi-user.target' >> /etc/systemd/system/ghost.service
  384. ghost_remove_offsite_links
  385. systemctl enable ghost
  386. systemctl daemon-reload
  387. systemctl start ghost
  388. GHOST_ONION_HOSTNAME=$(add_onion_service ghost 80 ${GHOST_ONION_PORT})
  389. if [[ ${ONION_ONLY} == "no" ]]; then
  390. function_check nginx_http_redirect
  391. nginx_http_redirect ${GHOST_DOMAIN_NAME}
  392. echo 'server {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  393. echo ' listen 443 ssl;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  394. echo ' listen [::]:443 ssl;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  395. echo " root /var/www/${GHOST_DOMAIN_NAME}/htdocs;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  396. echo " server_name ${GHOST_DOMAIN_NAME};" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  397. echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  398. echo " error_log /dev/null;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  399. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  400. function_check nginx_ssl
  401. nginx_ssl ${GHOST_DOMAIN_NAME}
  402. function_check nginx_disable_sniffing
  403. nginx_disable_sniffing ${GHOST_DOMAIN_NAME}
  404. echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  405. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  406. echo ' location / {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  407. function_check nginx_limits
  408. nginx_limits ${GHOST_DOMAIN_NAME} '10G'
  409. echo " proxy_pass http://localhost:${GHOST_PORT};" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  410. echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  411. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  412. echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  413. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  414. echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  415. echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  416. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  417. echo ' location = /robots.txt {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  418. echo ' allow all;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  419. echo ' log_not_found off;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  420. echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  421. echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  422. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  423. nginx_keybase $GHOST_DOMAIN_NAME
  424. echo '}' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  425. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  426. else
  427. echo -n '' > /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  428. fi
  429. echo 'server {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  430. echo " listen 127.0.0.1:${GHOST_ONION_PORT} default_server;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  431. echo " root /var/www/$GHOST_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  432. echo " server_name $GHOST_ONION_HOSTNAME;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  433. echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  434. echo " error_log /dev/null;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  435. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  436. function_check nginx_disable_sniffing
  437. nginx_disable_sniffing ${GHOST_DOMAIN_NAME}
  438. echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  439. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  440. echo ' location / {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  441. function_check nginx_limits
  442. nginx_limits ${GHOST_DOMAIN_NAME} '10G'
  443. echo " proxy_pass http://localhost:${GHOST_PORT};" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  444. echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  445. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  446. echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  447. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  448. echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  449. echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  450. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  451. echo ' location = /robots.txt {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  452. echo ' allow all;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  453. echo ' log_not_found off;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  454. echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  455. echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  456. echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  457. nginx_keybase ${GHOST_DOMAIN_NAME}
  458. echo '}' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
  459. function_check create_site_certificate
  460. create_site_certificate $GHOST_DOMAIN_NAME 'yes'
  461. function_check configure_php
  462. configure_php
  463. if [[ $ONION_ONLY != 'no' ]]; then
  464. sed -i "s|url: .*|url: 'http://${GHOST_ONION_HOSTNAME}',|g" /var/www/${GHOST_DOMAIN_NAME}/htdocs/config.js
  465. systemctl restart ghost
  466. fi
  467. ghost_replace_services
  468. function_check nginx_ensite
  469. nginx_ensite $GHOST_DOMAIN_NAME
  470. systemctl restart nginx
  471. ${PROJECT_NAME}-pass -u $MY_USERNAME -a ghost -p "$GHOST_ADMIN_PASSWORD"
  472. function_check add_ddns_domain
  473. add_ddns_domain $GHOST_DOMAIN_NAME
  474. set_completion_param "ghost domain" "$GHOST_DOMAIN_NAME"
  475. if ! grep -q "ghost version:" ${COMPLETION_FILE}; then
  476. echo "ghost version:${GHOST_VERSION}" >> ${COMPLETION_FILE}
  477. else
  478. sed -i "s|ghost version.*|ghost version:${GHOST_VERSION}|g" ${COMPLETION_FILE}
  479. fi
  480. APP_INSTALLED=1
  481. }
  482. # NOTE: deliberately no exit 0