free
/
freedombone
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
5321 Commits
5 Branches
Tree: cce5157221
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'cce5157221'
${ noResults }
freedombone/src/freedombone-app-radicale

freedombone-app-radicale 15KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389 
  1. #!/bin/bash

  2. #

  3. # .---.                  .              .

  4. # |                      |              |

  5. # |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.

  6. # |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'

  7. # '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'

  8. #

  9. #                    Freedom in the Cloud

  10. #

  11. # Radicale calendar system

  12. #

  13. # Configuration based upon:

  14. #   https://gigacog.com/blog/2016/01/radicale-and-uwsgi-on-nginx-with-systemd

  15. #

  16. # License

  17. # =======

  18. #

  19. # Copyright (C) 2016 Bob Mottram <bob@freedombone.net>

  20. #

  21. # This program is free software: you can redistribute it and/or modify

  22. # it under the terms of the GNU Affero General Public License as published by

  23. # the Free Software Foundation, either version 3 of the License, or

  24. # (at your option) any later version.

  25. #

  26. # This program is distributed in the hope that it will be useful,

  27. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  28. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  29. # GNU Affero General Public License for more details.

  30. #

  31. # You should have received a copy of the GNU Affero General Public License

  32. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  33. 

  34. VARIANTS='full full-vim'

  35. 

  36. IN_DEFAULT_INSTALL=1

  37. SHOW_ON_ABOUT=1

  38. 

  39. RADICALE_PASSWORD=

  40. RADICALE_ONION_PORT=8106

  41. RADICALE_PORT=5232

  42. RADICALE_DIRECTORY='/etc/radicale'

  43. 

  44. radicale_variables=(ONION_ONLY

  45.                     MY_USERNAME

  46.                     RADICALE_PASSWORD

  47.                     DEFAULT_DOMAIN_NAME)

  48. 

  49. function remove_user_radicale {

  50.     remove_username="$1"

  51.     if grep "$remove_username:" ${RADICALE_DIRECTORY}/users; then

  52.         sed -i "/$remove_username:/d" ${RADICALE_DIRECTORY}/users

  53.         systemctl reload radicale

  54.     fi

  55. }

  56. 

  57. function add_user_radicale {

  58.     new_username="$1"

  59.     new_user_password="$2"

  60. 

  61.     if [ ! -f ${RADICALE_DIRECTORY}/users ]; then

  62.         touch ${RADICALE_DIRECTORY}/users

  63.     fi

  64. 

  65.     if ! grep "$new_username:" ${RADICALE_DIRECTORY}/users; then

  66.         htpasswd -Bb ${RADICALE_DIRECTORY}/users "$new_username" "$new_user_password"

  67.         systemctl reload radicale

  68.     fi

  69.     echo '0'

  70. }

  71. 

  72. function install_interactive_radicale {

  73.     echo -n ''

  74.     APP_INSTALLED=1

  75. }

  76. 

  77. function change_password_radicale {

  78.     echo -n ''

  79. }

  80. 

  81. function reconfigure_radicale {

  82.     echo -n ''

  83. }

  84. 

  85. function upgrade_radicale {

  86.     if [ -f /etc/init.d/radicale ]; then

  87.         systemctl stop radicale

  88.         rm /etc/init.d/radicale

  89.         systemctl daemon-reload

  90.         systemctl start radicale

  91.     fi

  92. }

  93. 

  94. function backup_local_radicale {

  95.     source_directory=${RADICALE_DIRECTORY}

  96.     if [ -d $source_directory ]; then

  97.         dest_directory=radicale

  98.         function_check backup_directory_to_usb

  99.         backup_directory_to_usb $source_directory $dest_directory

  100.     fi

  101. }

  102. 

  103. function restore_local_radicale {

  104.     if [ -d ${RADICALE_DIRECTORY} ]; then

  105.         temp_restore_dir=/root/tempradicale

  106.         function_check restore_directory_from_usb

  107.         restore_directory_from_usb $temp_restore_dir radicale

  108.         cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  109.         if [ ! "$?" = "0" ]; then

  110.             function_check backup_unmount_drive

  111.             backup_unmount_drive

  112.             exit 46872

  113.         fi

  114.         rm -rf $temp_restore_dir

  115.         systemctl restart radicale

  116.     fi

  117. }

  118. 

  119. function backup_remote_radicale {

  120.     if [ -d ${RADICALE_DIRECTORY} ]; then

  121.         echo $"Backing up the radicale settings"

  122.         backup_directory_to_friend ${RADICALE_DIRECTORY} radicale

  123.         echo $"Backup of radicale settings complete"

  124.     fi

  125. }

  126. 

  127. function restore_remote_radicale {

  128.     if [ -d ${RADICALE_DIRECTORY} ]; then

  129.         temp_restore_dir=/root/tempradicale

  130.         function_check restore_directory_from_friend

  131.         restore_directory_from_friend $temp_restore_dir radicale

  132.         cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  133.         if [ ! "$?" = "0" ]; then

  134.             exit 463735

  135.         fi

  136.         rm -rf $temp_restore_dir

  137.         systemctl restart radicale

  138.     fi

  139. }

  140. 

  141. function configure_firewall_for_radicale {

  142.     if [ ! -d ${RADICALE_DIRECTORY} ]; then

  143.         return

  144.     fi

  145.     if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then

  146.         # docker does its own firewalling

  147.         return

  148.     fi

  149.     if [[ $ONION_ONLY != "no" ]]; then

  150.         return

  151.     fi

  152.     firewall_add radicale ${RADICALE_PORT} tcp

  153.     mark_completed $FUNCNAME

  154. }

  155. 

  156. function remove_radicale {

  157.     nginx_dissite radicale

  158.     systemctl stop radicale

  159.     systemctl stop uwsgi_rundir

  160.     systemctl disable radicale

  161.     systemctl disable uwsgi_rundir

  162.     if [ -f /etc/systemd/system/uwsgi_rundir.service ]; then

  163.         rm /etc/systemd/system/uwsgi_rundir.service

  164.     fi

  165.     if [ -f /etc/systemd/system/radicale.service ]; then

  166.         rm /etc/systemd/system/radicale.service

  167.     fi

  168.     if [ -f /etc/nginx/sites-available/radicale ]; then

  169.         rm /etc/nginx/sites-available/radicale

  170.     fi

  171.     if [ -f /usr/local/bin/uwsgi_rundir.sh ]; then

  172.         rm /usr/local/bin/uwsgi_rundir.sh

  173.     fi

  174. 

  175.     firewall_remove ${RADICALE_PORT} tcp

  176. 

  177.     function_check remove_onion_service

  178.     remove_onion_service radicale ${RADICALE_ONION_PORT}

  179. 

  180.     apt-get -yq remove --purge radicale python-radicale

  181.     if [ -d ${RADICALE_DIRECTORY} ]; then

  182.         rm -rf ${RADICALE_DIRECTORY}

  183.     fi

  184.     if [ -d /var/www/radicale ]; then

  185.         rm -rf /var/www/radicale

  186.     fi

  187.     if [ -f touch /var/log/radicale/radicale.log ]; then

  188.         rm -rf /var/log/radicale

  189.     fi

  190. 

  191.     remove_completion_param install_radicale

  192.     sed -i '/radicale/d' $COMPLETION_FILE

  193.     sed -i '/Radicale/d' /home/$MY_USERNAME/README

  194. }

  195. 

  196. function install_radicale {

  197.     if [[ $ONION_ONLY == 'no' ]]; then

  198.         # obtain a cert for the default domain

  199.         if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then

  200.             echo $'Obtaining certificate for the main domain'

  201.             create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'

  202.         fi

  203.     fi

  204. 

  205.     if [ ! -d /var/log/radicale ]; then

  206.         mkdir /var/log/radicale

  207.     fi

  208.     if [ ! -f /var/log/radicale/radicale.log ]; then

  209.         touch /var/log/radicale/radicale.log

  210.     fi

  211.     chown -R www-data:www-data /var/log/radicale

  212. 

  213.     apt-get -yq install python-radicale uwsgi uwsgi-plugin-python radicale apache2-utils

  214. 

  215.     if [ ! -d ${RADICALE_DIRECTORY} ]; then

  216.         echo $"ERROR: radicale does not appear to have installed"

  217.         exit 46372

  218.     fi

  219.     systemctl stop radicale

  220.     if [ -f /etc/init.d/radicale ]; then

  221.         rm /etc/init.d/radicale

  222.     fi

  223. 

  224.     if [ ! -d ${RADICALE_DIRECTORY}/collections ]; then

  225.         mkdir -p ${RADICALE_DIRECTORY}/collections

  226.     fi

  227.     chown www-data:www-data ${RADICALE_DIRECTORY}/collections

  228. 

  229.     echo '[server]' >  ${RADICALE_DIRECTORY}/config

  230.     echo 'hosts=127.0.0.1:52322' >> ${RADICALE_DIRECTORY}/config

  231.     echo 'ssl = False' >> ${RADICALE_DIRECTORY}/config

  232.     echo '' >> ${RADICALE_DIRECTORY}/config

  233.     echo '[auth]' >>  ${RADICALE_DIRECTORY}/config

  234.     echo 'type = htpasswd' >> ${RADICALE_DIRECTORY}/config

  235.     echo "htpasswd_filename = ${RADICALE_DIRECTORY}/users" >> ${RADICALE_DIRECTORY}/config

  236.     echo 'htpasswd_encryption = bcrypt' >> ${RADICALE_DIRECTORY}/config

  237.     echo '' >> ${RADICALE_DIRECTORY}/config

  238.     echo '[rights]' >> ${RADICALE_DIRECTORY}/config

  239.     echo 'type = owner_only' >> ${RADICALE_DIRECTORY}/config

  240.     echo '' >> ${RADICALE_DIRECTORY}/config

  241.     echo '[storage]' >> ${RADICALE_DIRECTORY}/config

  242.     echo 'type = filesystem' >> ${RADICALE_DIRECTORY}/config

  243.     echo "filesystem_folder = ${RADICALE_DIRECTORY}/collections" >> ${RADICALE_DIRECTORY}/config

  244. 

  245.     if [ ${#RADICALE_PASSWORD} -lt 8 ]; then

  246.         if [ -f $IMAGE_PASSWORD_FILE ]; then

  247.             RADICALE_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"

  248.         else

  249.             RADICALE_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"

  250.         fi

  251.     fi

  252.     add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"

  253. 

  254.     if [ ! -f /var/www/radicale ]; then

  255.         mkdir /var/www/radicale

  256.     fi

  257.     echo 'import radicale' > /var/www/radicale/radicale.py

  258.     echo 'radicale.log.start()' >> /var/www/radicale/radicale.py

  259.     echo 'application = radicale.Application()' >> /var/www/radicale/radicale.py

  260. 

  261.     #echo '[uwsgi]' > /var/www/radicale/uwsgi.ini

  262.     #echo 'plugins = python' >> /var/www/radicale/uwsgi.ini

  263.     #echo 'socket = /var/run/uwsgi/radicale.sock' >> /var/www/radicale/uwsgi.ini

  264.     #echo 'chmod-socket = 660' >> /var/www/radicale/uwsgi.ini

  265.     #echo '' >> /var/www/radicale/uwsgi.ini

  266.     #echo 'wsgi-file = /var/www/radicale/radicale.py' >> /var/www/radicale/uwsgi.ini

  267.     #echo 'master' >> /var/www/radicale/uwsgi.ini

  268.     #echo 'workers = 1' >> /var/www/radicale/uwsgi.ini

  269.     #echo 'max-requests = 100' >> /var/www/radicale/uwsgi.ini

  270.     #echo 'harakiri = 30' >> /var/www/radicale/uwsgi.ini

  271.     #echo 'die-on-term' >> /var/www/radicale/uwsgi.ini

  272. 

  273.     #echo '#!/bin/sh' > /usr/local/bin/uwsgi_rundir.sh

  274.     #echo 'mkdir -p /var/run/uwsgi' >> /usr/local/bin/uwsgi_rundir.sh

  275.     #echo 'chown www-data:www-data /var/run/uwsgi' >> /usr/local/bin/uwsgi_rundir.sh

  276.     #chmod +x /usr/local/bin/uwsgi_rundir.sh

  277. 

  278.     #echo '[Unit]' > /etc/systemd/system/uwsgi_rundir.service

  279.     #echo 'Description=UWSGI socket directory' >> /etc/systemd/system/uwsgi_rundir.service

  280.     #echo 'After=network.target' >> /etc/systemd/system/uwsgi_rundir.service

  281.     #echo '' >> /etc/systemd/system/uwsgi_rundir.service

  282.     #echo '[Service]' >> /etc/systemd/system/uwsgi_rundir.service

  283.     #echo 'Type=simple' >> /etc/systemd/system/uwsgi_rundir.service

  284.     #echo 'User=root' >> /etc/systemd/system/uwsgi_rundir.service

  285.     #echo 'ExecStart=/usr/local/bin/uwsgi_rundir.sh' >> /etc/systemd/system/uwsgi_rundir.service

  286.     #echo '' >> /etc/systemd/system/uwsgi_rundir.service

  287.     #echo '[Install]' >> /etc/systemd/system/uwsgi_rundir.service

  288.     #echo 'WantedBy=multi-user.target' >> /etc/systemd/system/uwsgi_rundir.service

  289.     #systemctl enable uwsgi_rundir

  290. 

  291.     echo '[Unit]' > /etc/systemd/system/radicale.service

  292.     echo 'Description=Radicale CalDAV Server' >> /etc/systemd/system/radicale.service

  293.     echo 'After=network.target' >> /etc/systemd/system/radicale.service

  294.     echo 'Requires=uwsgi_rundir.service' >> /etc/systemd/system/radicale.service

  295.     echo '' >> /etc/systemd/system/radicale.service

  296.     echo '[Service]' >> /etc/systemd/system/radicale.service

  297.     echo 'Type=simple' >> /etc/systemd/system/radicale.service

  298.     echo 'User=www-data' >> /etc/systemd/system/radicale.service

  299.     echo 'Group=www-data' >> /etc/systemd/system/radicale.service

  300.     echo 'ExecStart=/var/www/radicale/radicale.py' >> /etc/systemd/system/radicale.service

  301.     echo '' >> /etc/systemd/system/radicale.service

  302.     echo '[Install]' >> /etc/systemd/system/radicale.service

  303.     echo 'WantedBy=multi-user.target' >> /etc/systemd/system/radicale.service

  304.     systemctl enable radicale

  305.     systemctl start radicale

  306. 

  307.     RADICALE_ONION_HOSTNAME=$(add_onion_service radicale 80 ${RADICALE_ONION_PORT})

  308. 

  309.     if [[ $ONION_ONLY == 'no' ]]; then

  310.         echo 'server {' > /etc/nginx/sites-available/radicale

  311.         echo "    listen ${RADICALE_PORT} ssl;" >> /etc/nginx/sites-available/radicale

  312.         echo "    listen [::]:${RADICALE_PORT} ssl;" >> /etc/nginx/sites-available/radicale

  313.         echo '' >> /etc/nginx/sites-available/radicale

  314.         function_check nginx_ssl

  315.         nginx_ssl radicale

  316.         function_check nginx_disable_sniffing

  317.         nginx_disable_sniffing radicale

  318.         echo '' >> /etc/nginx/sites-available/radicale

  319.         echo "    server_name $DEFAULT_DOMAIN_NAME;" >> /etc/nginx/sites-available/radicale

  320. 

  321.         echo '' >> /etc/nginx/sites-available/radicale

  322.         echo '    access_log /dev/null;' >> /etc/nginx/sites-available/radicale

  323.         echo '    error_log /var/log/radicale/radicale.log warn;' >> /etc/nginx/sites-available/radicale

  324.         echo '' >> /etc/nginx/sites-available/radicale

  325.         echo '    location / {' >> /etc/nginx/sites-available/radicale

  326.         echo '        uwsgi_pass unix:/var/run/uwsgi/radicale.sock;' >> /etc/nginx/sites-available/radicale

  327.         echo '        include uwsgi_params;' >> /etc/nginx/sites-available/radicale

  328.         echo '    }' >> /etc/nginx/sites-available/radicale

  329.         echo '}' >> /etc/nginx/sites-available/radicale

  330.         echo '' >> /etc/nginx/sites-available/radicale

  331.     else

  332.         echo -n '' > /etc/nginx/sites-available/radicale

  333.     fi

  334.     echo 'server {' >> /etc/nginx/sites-available/radicale

  335.     echo "    listen 127.0.0.1:${RADICALE_ONION_PORT} default_server;" >> /etc/nginx/sites-available/radicale

  336.     echo '' >> /etc/nginx/sites-available/radicale

  337.     echo "    server_name ${RADICALE_ONION_HOSTNAME};" >> /etc/nginx/sites-available/radicale

  338.     echo '' >> /etc/nginx/sites-available/radicale

  339.     echo '    access_log /dev/null;' >> /etc/nginx/sites-available/radicale

  340.     echo '    error_log /var/log/radicale/radicale.log warn;' >> /etc/nginx/sites-available/radicale

  341.     echo '' >> /etc/nginx/sites-available/radicale

  342.     echo '    location / {' >> /etc/nginx/sites-available/radicale

  343.     echo '        proxy_pass http://localhost:52322;' >> /etc/nginx/sites-available/radicale

  344.     #echo '        uwsgi_pass unix:/var/run/uwsgi/radicale.sock;' >> /etc/nginx/sites-available/radicale

  345.     #echo '        include uwsgi_params;' >> /etc/nginx/sites-available/radicale

  346.     echo '    }' >> /etc/nginx/sites-available/radicale

  347.     echo '}' >> /etc/nginx/sites-available/radicale

  348. 

  349.     if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then

  350.         sed -i "s|radicale.crt|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  351.         sed -i "s|radicale.pem|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  352.     fi

  353.     sed -i "s|radicale.key|${DEFAULT_DOMAIN_NAME}.key|g" /etc/nginx/sites-available/radicale

  354.     sed -i "s|radicale.dhparam|${DEFAULT_DOMAIN_NAME}.dhparam|g" /etc/nginx/sites-available/radicale

  355. 

  356.     # create a certificate

  357.     #if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then

  358.     #    if [[ "$(cert_exists $DEFAULT_DOMAIN_NAME)" == "0" ]]; then

  359.     #        ${PROJECT_NAME}-addcert -h $DEFAULT_DOMAIN_NAME --dhkey ${DH_KEYLENGTH}

  360.     #        check_certificates $DEFAULT_DOMAIN_NAME

  361.     #    fi

  362.     #fi

  363. 

  364.     update_default_domain

  365. 

  366.     nginx_ensite radicale

  367.     systemctl reload nginx

  368. 

  369.     set_completion_param "radicale onion domain" "${RADICALE_ONION_HOSTNAME}"

  370. 

  371.     if ! grep -q "# Radicale" /home/$MY_USERNAME/README; then

  372.         echo '' >> /home/$MY_USERNAME/README

  373.         echo $'# Radicale' >> /home/$MY_USERNAME/README

  374.         echo $"Radicale onion domain: ${RADICALE_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README

  375.         echo $"Your Radicale password is: ${RADICALE_PASSWORD}" >> /home/$MY_USERNAME/README

  376.         chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README

  377.         chmod 600 /home/$MY_USERNAME/README

  378.     else

  379.         sed -i "s|Radicale onion domain.*|Radicale onion domain: ${RADICALE_ONION_HOSTNAME}|g" /home/$MY_USERNAME/README

  380.         sed -i "s|Your Radicale password is.*|Your Radicale password is: ${RADICALE_PASSWORD}|g" /home/$MY_USERNAME/README

  381.     fi

  382. 

  383.     function_check configure_firewall_for_radicale

  384.     configure_firewall_for_radicale

  385. 

  386.     APP_INSTALLED=1

  387. }

  388. 

  389. # NOTE: deliberately no exit 0