free
/
freedombone
ウォッチ 1
お気に入りに登録 0
フォーク 0
コード 課題 0 プルリクエスト 0 リリース 0 Wiki アクティビティ
5333 コミット
5 ブランチ
ツリー: a0d693cc5f
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'a0d693cc5f' から
${ noResults }
freedombone/src/freedombone-app-radicale

freedombone-app-radicale 16KB
履歴 Raw形式

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400 
  1. #!/bin/bash

  2. #

  3. # .---.                  .              .

  4. # |                      |              |

  5. # |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.

  6. # |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'

  7. # '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'

  8. #

  9. #                    Freedom in the Cloud

  10. #

  11. # Radicale calendar system

  12. #

  13. # Configuration based upon:

  14. #   https://gigacog.com/blog/2016/01/radicale-and-uwsgi-on-nginx-with-systemd

  15. #

  16. # License

  17. # =======

  18. #

  19. # Copyright (C) 2016 Bob Mottram <bob@freedombone.net>

  20. #

  21. # This program is free software: you can redistribute it and/or modify

  22. # it under the terms of the GNU Affero General Public License as published by

  23. # the Free Software Foundation, either version 3 of the License, or

  24. # (at your option) any later version.

  25. #

  26. # This program is distributed in the hope that it will be useful,

  27. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  28. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  29. # GNU Affero General Public License for more details.

  30. #

  31. # You should have received a copy of the GNU Affero General Public License

  32. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  33. 

  34. VARIANTS='full full-vim'

  35. 

  36. IN_DEFAULT_INSTALL=1

  37. SHOW_ON_ABOUT=1

  38. 

  39. RADICALE_VERSION='1.1.1'

  40. RADICALE_HASH='e2c9812913c464ab88ae1f66b29e81f87a4cc6ee1c94d167b33508c530dab4b0'

  41. RADICALE_PASSWORD=

  42. RADICALE_ONION_PORT=8106

  43. RADICALE_PORT=5232

  44. RADICALE_DIRECTORY='/etc/radicale'

  45. RADICALE_USERS=/var/www/radicale/users

  46. 

  47. radicale_variables=(ONION_ONLY

  48.                     MY_USERNAME

  49.                     RADICALE_PASSWORD

  50.                     DEFAULT_DOMAIN_NAME)

  51. 

  52. function remove_user_radicale {

  53.     remove_username="$1"

  54.     if grep "$remove_username:" ${RADICALE_USERS}; then

  55.         sed -i "/$remove_username:/d" ${RADICALE_USERS}

  56.         systemctl reload radicale

  57.     fi

  58. }

  59. 

  60. function add_user_radicale {

  61.     new_username="$1"

  62.     new_user_password="$2"

  63. 

  64.     if [ ! -f ${RADICALE_USERS} ]; then

  65.         touch ${RADICALE_USERS}

  66.     fi

  67. 

  68.     if ! grep "$new_username:" ${RADICALE_USERS}; then

  69.         htpasswd -bd ${RADICALE_USERS} "$new_username" "$new_user_password"

  70.         chown www-data:www-data ${RADICALE_USERS}

  71.         systemctl reload radicale

  72.     fi

  73.     echo '0'

  74. }

  75. 

  76. function install_interactive_radicale {

  77.     echo -n ''

  78.     APP_INSTALLED=1

  79. }

  80. 

  81. function change_password_radicale {

  82.     echo -n ''

  83. }

  84. 

  85. function reconfigure_radicale {

  86.     echo -n ''

  87. }

  88. 

  89. function upgrade_radicale {

  90.     echo -n ''

  91. }

  92. 

  93. function backup_local_radicale {

  94.     source_directory=${RADICALE_DIRECTORY}

  95.     if [ -d $source_directory ]; then

  96.         dest_directory=radicale

  97.         function_check backup_directory_to_usb

  98.         backup_directory_to_usb $source_directory $dest_directory

  99.     fi

  100.     source_directory=/var/www/radicale/collections

  101.     if [ -d $source_directory ]; then

  102.         dest_directory=radicalecollections

  103.         function_check backup_directory_to_usb

  104.         backup_directory_to_usb $source_directory $dest_directory

  105.     fi

  106. }

  107. 

  108. function restore_local_radicale {

  109.     if [ -d ${RADICALE_DIRECTORY} ]; then

  110.         temp_restore_dir=/root/tempradicale

  111.         function_check restore_directory_from_usb

  112.         restore_directory_from_usb $temp_restore_dir radicale

  113.         cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  114.         if [ ! "$?" = "0" ]; then

  115.             function_check backup_unmount_drive

  116.             backup_unmount_drive

  117.             exit 46872

  118.         fi

  119.         rm -rf $temp_restore_dir

  120. 

  121.         temp_restore_dir=/root/tempradicalecollections

  122.         restore_directory_from_usb $temp_restore_dir radicalecollections

  123.         cp -r $temp_restore_dir/var/www/radicale/collections/* /var/www/radicale/collections

  124.         if [ ! "$?" = "0" ]; then

  125.             function_check backup_unmount_drive

  126.             backup_unmount_drive

  127.             exit 367363

  128.         fi

  129.         rm -rf $temp_restore_dir

  130.         chown -R www-data:www-data /var/www/radicale

  131. 

  132.         systemctl restart radicale

  133.     fi

  134. }

  135. 

  136. function backup_remote_radicale {

  137.     if [ -d ${RADICALE_DIRECTORY} ]; then

  138.         echo $"Backing up the radicale settings"

  139.         backup_directory_to_friend ${RADICALE_DIRECTORY} radicale

  140.         backup_directory_to_friend /var/www/radicale/collections radicalecollections

  141.         echo $"Backup of radicale settings complete"

  142.     fi

  143. }

  144. 

  145. function restore_remote_radicale {

  146.     if [ -d ${RADICALE_DIRECTORY} ]; then

  147.         temp_restore_dir=/root/tempradicale

  148.         function_check restore_directory_from_friend

  149.         restore_directory_from_friend $temp_restore_dir radicale

  150.         cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  151.         if [ ! "$?" = "0" ]; then

  152.             exit 236746

  153.         fi

  154.         rm -rf $temp_restore_dir

  155. 

  156.         temp_restore_dir=/root/tempradicalecollections

  157.         restore_directory_from_friend $temp_restore_dir radicalecollections

  158.         cp -r $temp_restore_dir/var/www/radicale/collections/* /var/www/radicale/collections

  159.         if [ ! "$?" = "0" ]; then

  160.             exit 3674284

  161.         fi

  162.         rm -rf $temp_restore_dir

  163.         chown -R www-data:www-data /var/www/radicale

  164. 

  165.         systemctl restart radicale

  166.     fi

  167. }

  168. 

  169. function remove_radicale {

  170.     nginx_dissite radicale

  171.     systemctl stop radicale

  172.     systemctl stop uwsgi_rundir

  173.     systemctl disable radicale

  174.     systemctl disable uwsgi_rundir

  175.     if [ -f /etc/systemd/system/uwsgi_rundir.service ]; then

  176.         rm /etc/systemd/system/uwsgi_rundir.service

  177.     fi

  178.     if [ -f /etc/systemd/system/radicale.service ]; then

  179.         rm /etc/systemd/system/radicale.service

  180.     fi

  181.     if [ -f /etc/nginx/sites-available/radicale ]; then

  182.         rm /etc/nginx/sites-available/radicale

  183.     fi

  184.     if [ -f /usr/local/bin/uwsgi_rundir.sh ]; then

  185.         rm /usr/local/bin/uwsgi_rundir.sh

  186.     fi

  187. 

  188.     firewall_remove ${RADICALE_PORT} tcp

  189. 

  190.     function_check remove_onion_service

  191.     remove_onion_service radicale ${RADICALE_ONION_PORT}

  192. 

  193.     apt-get -yq remove --purge radicale python-radicale

  194.     if [ -d ${RADICALE_DIRECTORY} ]; then

  195.         rm -rf ${RADICALE_DIRECTORY}

  196.     fi

  197.     if [ -d /var/www/radicale ]; then

  198.         rm -rf /var/www/radicale

  199.     fi

  200.     if [ -f touch /var/log/radicale/radicale.log ]; then

  201.         rm -rf /var/log/radicale

  202.     fi

  203.     if [ -d /var/log/radicale ]; then

  204.         rm -rf /var/log/radicale

  205.     fi

  206. 

  207.     remove_completion_param install_radicale

  208.     sed -i '/radicale/d' $COMPLETION_FILE

  209.     sed -i '/Radicale/d' /home/$MY_USERNAME/README

  210.     sed -i '/location \/radicale/,/}/d' /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  211.     systemctl restart nginx

  212. }

  213. 

  214. function install_radicale {

  215.     if [[ $ONION_ONLY == 'no' ]]; then

  216.         # obtain a cert for the default domain

  217.         if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then

  218.             echo $'Obtaining certificate for the main domain'

  219.             create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'

  220.         fi

  221.     fi

  222. 

  223.     apt-get -yq remove --purge radicale python-radicale

  224. 

  225.     # create directories

  226.     if [ ! -d /var/log/radicale ]; then

  227.         mkdir /var/log/radicale

  228.     fi

  229.     if [ ! -f /var/log/radicale/radicale.log ]; then

  230.         touch /var/log/radicale/radicale.log

  231.     fi

  232.     chown -R www-data:www-data /var/log/radicale

  233. 

  234.     apt-get -yq install python-setuptools apache2-utils

  235. 

  236.     if [ ! -d /var/www/radicale ]; then

  237.         mkdir -p /var/www/radicale

  238.     fi

  239. 

  240.     # get the source

  241.     cd /var/www/radicale

  242.     wget http://pypi.python.org/packages/source/R/Radicale/Radicale-${RADICALE_VERSION}.tar.gz

  243. 

  244.     # check the hash

  245.     hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')

  246.     if [[ "$hash" != "$RADICALE_HASH" ]]; then

  247.         echo $'radicale hash does not match'

  248.         exit 638532

  249.     fi

  250. 

  251.     tar -xzf Radicale-${RADICALE_VERSION}.tar.gz

  252.     if [ ! -d Radicale-${RADICALE_VERSION} ]; then

  253.         exit 623252

  254.     fi

  255.     rm Radicale-${RADICALE_VERSION}.tar.gz

  256.     cd Radicale-${RADICALE_VERSION}

  257.     python setup.py install

  258.     if [ ! -f /usr/local/bin/radicale ]; then

  259.         echo $'Radicale did not install'

  260.         exit 7283554

  261.     fi

  262. 

  263.     if [ ! -d ${RADICALE_DIRECTORY} ]; then

  264.         mkdir ${RADICALE_DIRECTORY}

  265.     fi

  266.     if [ ! -d /var/www/radicale/collections ]; then

  267.         mkdir -p /var/www/radicale/collections

  268.     fi

  269.     chown -R www-data:www-data /var/www/radicale

  270. 

  271.     # create the configuration

  272.     echo '[server]' >  ${RADICALE_DIRECTORY}/config

  273.     echo 'hosts=127.0.0.1:52322' >> ${RADICALE_DIRECTORY}/config

  274.     echo 'ssl = False' >> ${RADICALE_DIRECTORY}/config

  275.     echo 'daemon = False' >> ${RADICALE_DIRECTORY}/config

  276.     echo 'base_prefix=/radicale/' >> ${RADICALE_DIRECTORY}/config

  277.     echo '' >> ${RADICALE_DIRECTORY}/config

  278.     echo '[storage]' >> ${RADICALE_DIRECTORY}/config

  279.     echo 'type = filesystem' >> ${RADICALE_DIRECTORY}/config

  280.     echo "filesystem_folder = /var/www/radicale/collections" >> ${RADICALE_DIRECTORY}/config

  281.     echo '' >> ${RADICALE_DIRECTORY}/config

  282.     echo '[logging]' >> ${RADICALE_DIRECTORY}/config

  283.     echo 'debug = False' >> ${RADICALE_DIRECTORY}/config

  284. 

  285.     # create an admin password

  286.     if [ ${#RADICALE_PASSWORD} -lt 8 ]; then

  287.         if [ -f $IMAGE_PASSWORD_FILE ]; then

  288.             RADICALE_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"

  289.         else

  290.             RADICALE_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"

  291.         fi

  292.     fi

  293.     add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"

  294. 

  295.     echo '[Unit]' > /etc/systemd/system/radicale.service

  296.     echo 'Description=Radicale CalDAV Server' >> /etc/systemd/system/radicale.service

  297.     echo 'After=network.target' >> /etc/systemd/system/radicale.service

  298.     echo '' >> /etc/systemd/system/radicale.service

  299.     echo '[Service]' >> /etc/systemd/system/radicale.service

  300.     echo 'Type=simple' >> /etc/systemd/system/radicale.service

  301.     echo 'User=www-data' >> /etc/systemd/system/radicale.service

  302.     echo 'Group=www-data' >> /etc/systemd/system/radicale.service

  303.     echo "ExecStart=/usr/local/bin/radicale --config ${RADICALE_DIRECTORY}/config" >> /etc/systemd/system/radicale.service

  304.     echo '' >> /etc/systemd/system/radicale.service

  305.     echo '[Install]' >> /etc/systemd/system/radicale.service

  306.     echo 'WantedBy=multi-user.target' >> /etc/systemd/system/radicale.service

  307.     systemctl enable radicale

  308.     systemctl start radicale

  309. 

  310.     if [ ! -f /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} ]; then

  311.         # create a new site config

  312.         RADICALE_ONION_HOSTNAME=$(add_onion_service radicale 80 ${RADICALE_ONION_PORT})

  313. 

  314.         if [[ $ONION_ONLY == 'no' ]]; then

  315.             echo 'server {' > /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  316.             echo "    listen 443 ssl;" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  317.             echo "    listen [::]:443 ssl;" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  318.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  319.             function_check nginx_ssl

  320.             nginx_ssl ${DEFAULT_DOMAIN_NAME}

  321.             function_check nginx_disable_sniffing

  322.             nginx_disable_sniffing ${DEFAULT_DOMAIN_NAME}

  323.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  324.             echo "    server_name ${DEFAULT_DOMAIN_NAME};" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  325. 

  326.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  327.             echo '    access_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  328.             echo '    error_log /var/log/radicale/radicale.log warn;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  329.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  330.             echo '    location /radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  331.             echo '        auth_basic "Radicale";' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  332.             echo "        auth_basic_user_file ${RADICALE_USERS};" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  333.             echo '        proxy_pass http://localhost:52322;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  334.             echo '        proxy_buffering on;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  335.             echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  336.             echo '}' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  337.             echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  338.         else

  339.             echo -n '' > /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  340.         fi

  341.         echo 'server {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  342.         echo "    listen 127.0.0.1:${RADICALE_ONION_PORT} default_server;" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  343.         echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  344.         echo "    server_name ${RADICALE_ONION_HOSTNAME};" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  345.         echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  346.         echo '    access_log /dev/null;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  347.         echo '    error_log /var/log/radicale/radicale.log warn;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  348.         echo '' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  349.         echo '    location /radicale {' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  350.         echo '        auth_basic "Radicale";' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  351.         echo "        auth_basic_user_file ${RADICALE_USERS};" >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  352.         echo '        proxy_pass http://localhost:52322;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  353.         echo '        proxy_buffering on;' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  354.         echo '    }' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  355.         echo '}' >> /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  356. 

  357.         set_completion_param "radicale onion domain" "${RADICALE_ONION_HOSTNAME}"

  358.     else

  359.         # alter the existing site config

  360.         if ! grep "radicale" /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}; then

  361.             sed -i '/ 443/a    location \/radicale {\n        auth_basic "Radicale";\n        auth_basic_user_file \/var\/www\/radicale\/users;\n        proxy_pass http://127.0.0.1:52322;\n        proxy_buffering on;\n    }' /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  362.             sed -i '/listen 127.0.0.1/a    location \/radicale {\n        auth_basic "Radicale";\n        auth_basic_user_file \/var\/www\/radicale\/users;\n        proxy_pass http://127.0.0.1:52322;\n        proxy_buffering on;\n    }' /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}

  363.         fi

  364.     fi

  365. 

  366.     # create a certificate

  367.     if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then

  368.         if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then

  369.             ${PROJECT_NAME}-addcert -h $DEFAULT_DOMAIN_NAME --dhkey ${DH_KEYLENGTH}

  370.             check_certificates $DEFAULT_DOMAIN_NAME

  371.         fi

  372.     fi

  373. 

  374.     if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then

  375.         sed -i "s|radicale.crt|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  376.         sed -i "s|radicale.pem|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  377.     fi

  378.     sed -i "s|radicale.key|${DEFAULT_DOMAIN_NAME}.key|g" /etc/nginx/sites-available/radicale

  379.     sed -i "s|radicale.dhparam|${DEFAULT_DOMAIN_NAME}.dhparam|g" /etc/nginx/sites-available/radicale

  380. 

  381.     update_default_domain

  382. 

  383.     nginx_ensite radicale

  384.     systemctl reload nginx

  385. 

  386.     if ! grep -q "# Radicale" /home/$MY_USERNAME/README; then

  387.         echo '' >> /home/$MY_USERNAME/README

  388.         echo $'# Radicale' >> /home/$MY_USERNAME/README

  389.         echo $"Your Radicale password is: ${RADICALE_PASSWORD}" >> /home/$MY_USERNAME/README

  390.         echo $"Radicale is accessible via https://${DEFAULT_DOMAIN_NAME}/radicale/${MY_USERNAME}/calendar/" >> /home/$MY_USERNAME/README

  391.         chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README

  392.         chmod 600 /home/$MY_USERNAME/README

  393.     else

  394.         sed -i "s|Your Radicale password is.*|Your Radicale password is: ${RADICALE_PASSWORD}|g" /home/$MY_USERNAME/README

  395.     fi

  396. 

  397.     APP_INSTALLED=1

  398. }

  399. 

  400. # NOTE: deliberately no exit 0