free
/
freedombone
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
8894 Commits
5 Branches
Tree: d2672e31a8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd2672e31a8'
${ noResults }
freedombone/src/freedombone-app-radicale

freedombone-app-radicale 21KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591 
  1. #!/bin/bash

  2. #

  3. # .---.                  .              .

  4. # |                      |              |

  5. # |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.

  6. # |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'

  7. # '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'

  8. #

  9. #                    Freedom in the Cloud

  10. #

  11. # Radicale calendar system

  12. #

  13. # Configuration based upon:

  14. #   https://gigacog.com/blog/2016/01/radicale-and-uwsgi-on-nginx-with-systemd

  15. #

  16. # License

  17. # =======

  18. #

  19. # Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>

  20. #

  21. # This program is free software: you can redistribute it and/or modify

  22. # it under the terms of the GNU Affero General Public License as published by

  23. # the Free Software Foundation, either version 3 of the License, or

  24. # (at your option) any later version.

  25. #

  26. # This program is distributed in the hope that it will be useful,

  27. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  28. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  29. # GNU Affero General Public License for more details.

  30. #

  31. # You should have received a copy of the GNU Affero General Public License

  32. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  33. 

  34. VARIANTS=''

  35. 

  36. IN_DEFAULT_INSTALL=0

  37. SHOW_ON_ABOUT=1

  38. 

  39. RADICALE_DOWNLOAD_URL='https://files.pythonhosted.org/packages/source/R/Radicale/Radicale-'

  40. RADICALE_VERSION='1.1.2'

  41. RADICALE_HASH='ebe22afb7fdcac45a5722a5b3037cc4bf261fc059beba31af7863894d2b840bc'

  42. RADICALE_PASSWORD=

  43. RADICALE_ONION_PORT=8106

  44. RADICALE_PORT=5232

  45. RADICALE_DIRECTORY='/etc/radicale'

  46. RADICALE_USERS=/var/www/radicale/users

  47. 

  48. radicale_variables=(ONION_ONLY

  49.                     MY_USERNAME

  50.                     RADICALE_PASSWORD

  51.                     DEFAULT_DOMAIN_NAME)

  52. 

  53. function logging_on_radicale {

  54.     echo -n ''

  55. }

  56. 

  57. function logging_off_radicale {

  58.     echo -n ''

  59. }

  60. 

  61. function remove_user_radicale {

  62.     remove_username="$1"

  63. 

  64.     "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp radicale

  65. 

  66.     if grep -q "${remove_username}:" ${RADICALE_USERS}; then

  67.         sed -i "/${remove_username}:/d" ${RADICALE_USERS}

  68.         if [ -d "/var/www/radicale/collections/${remove_username}" ]; then

  69.             rm -rf "/var/www/radicale/collections/${remove_username}"

  70.         fi

  71.         if [ -f "/var/www/radicale/collections/${remove_username}.props" ]; then

  72.             rm "/var/www/radicale/collections/${remove_username}.props"

  73.         fi

  74.         systemctl restart radicale

  75.     fi

  76. }

  77. 

  78. function add_user_radicale {

  79.     new_username="$1"

  80.     new_user_password="$2"

  81. 

  82.     "${PROJECT_NAME}-pass" -u "$new_username" -a radicale -p "$new_user_password"

  83. 

  84.     if [ ! -f ${RADICALE_USERS} ]; then

  85.         touch ${RADICALE_USERS}

  86.     fi

  87. 

  88.     if ! grep -q "$new_username:" ${RADICALE_USERS}; then

  89.         htpasswd -bd ${RADICALE_USERS} "$new_username" "$new_user_password"

  90. 

  91.         echo '{"ICAL:calendar-color": "#9e50df"}' > "/var/www/radicale/collections/${new_username}.props"

  92.         mkdir "/var/www/radicale/collections/${new_username}"

  93.         echo '{"ICAL:calendar-color": "#de631a", "tag": "VCALENDAR"}' > "/var/www/radicale/collections/${new_username}/calendar.props"

  94.         { echo 'BEGIN:VCALENDAR';

  95.           echo 'PRODID:-//Radicale//NONSGML Radicale Server//EN';

  96.           echo 'VERSION:2.0';

  97.           echo 'END:VCALENDAR'; } >> "/var/www/radicale/collections/${new_username}/calendar"

  98. 

  99.         chown -R www-data:www-data /var/www/radicale

  100.         chmod -R 755 /var/www/radicale/*

  101.         systemctl restart radicale

  102.     fi

  103.     echo '0'

  104. }

  105. 

  106. function change_password_radicale {

  107.     existing_username="$1"

  108.     new_user_password="$2"

  109. 

  110.     "${PROJECT_NAME}-pass" -u "$existing_username" -a radicale -p "$new_user_password"

  111. 

  112.     if grep -q "${existing_username}:" ${RADICALE_USERS}; then

  113.         sed -i "/${existing_username}:/d" ${RADICALE_USERS}

  114.         htpasswd -bd ${RADICALE_USERS} "$existing_username" "$new_user_password"

  115.         systemctl reload radicale

  116.     fi

  117. }

  118. 

  119. function install_interactive_radicale {

  120.     echo -n ''

  121.     APP_INSTALLED=1

  122. }

  123. 

  124. function reconfigure_radicale {

  125.     rm $RADICALE_USERS

  126.     rm -rf /var/www/radicale/collections/*

  127.     rm -rf /var/log/radicale/*

  128. 

  129.     # create an admin password

  130.     if [ -f "$IMAGE_PASSWORD_FILE" ]; then

  131.         RADICALE_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"

  132.     else

  133.         RADICALE_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"

  134.     fi

  135.     add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"

  136. 

  137.     "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a radicale -p "$RADICALE_PASSWORD"

  138. 

  139.     touch /var/log/radicale/radicale.log

  140.     chown -R www-data:www-data /var/log/radicale

  141. }

  142. 

  143. function upgrade_radicale {

  144.     if [ ! -f /usr/local/bin/radicale ]; then

  145.         return

  146.     fi

  147. 

  148.     if ! grep -q "radicale version:" "$COMPLETION_FILE"; then

  149.         return

  150.     fi

  151. 

  152.     CURR_RADICALE_VERSION=$(get_completion_param "radicale version")

  153.     if [[ "${CURR_RADICALE_VERSION}" == "${RADICALE_VERSION}" ]]; then

  154.         return

  155.     fi

  156. 

  157.     # get the source

  158.     cd /var/www/radicale || exit 62784628468

  159.     wget ${RADICALE_DOWNLOAD_URL}${RADICALE_VERSION}.tar.gz

  160. 

  161.     # check the hash

  162.     hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')

  163.     if [[ "$hash" != "$RADICALE_HASH" ]]; then

  164.         echo $'radicale hash does not match'

  165.         exit 638532

  166.     fi

  167. 

  168.     tar -xzf Radicale-${RADICALE_VERSION}.tar.gz

  169.     if [ ! -d Radicale-${RADICALE_VERSION} ]; then

  170.         exit 73529

  171.     fi

  172.     rm Radicale-${RADICALE_VERSION}.tar.gz

  173.     cd "Radicale-${RADICALE_VERSION}" || exit 264824684

  174. 

  175.     # move the old command

  176.     mv /usr/local/bin/radicale /usr/local/bin/radicale_previous

  177. 

  178.     # do the install

  179.     python setup.py install

  180. 

  181.     # check for install success

  182.     if [ ! -f /usr/local/bin/radicale ]; then

  183.         mv /usr/local/bin/radicale_previous /usr/local/bin/radicale

  184.         echo $'Radicale did not upgrade'

  185.         exit 692353

  186.     fi

  187. 

  188.     # remove the old source

  189.     rm -rf "Radicale-${CURR_RADICALE_VERSION}" || exit 6842684282

  190. 

  191.     sed -i "s|radicale version.*|radicale version:$RADICALE_VERSION|g" "${COMPLETION_FILE}"

  192.     chown -R www-data:www-data /var/www/radicale

  193.     systemctl restart radicale

  194.     systemctl restart nginx

  195. }

  196. 

  197. function backup_local_radicale {

  198.     source_directory=${RADICALE_DIRECTORY}

  199.     if [ -d $source_directory ]; then

  200.         dest_directory=radicale

  201.         function_check backup_directory_to_usb

  202.         backup_directory_to_usb $source_directory $dest_directory

  203.     fi

  204.     source_directory=/var/www/radicale

  205.     if [ -d $source_directory ]; then

  206.         dest_directory=radicalewww

  207.         function_check backup_directory_to_usb

  208.         backup_directory_to_usb $source_directory $dest_directory

  209.     fi

  210. }

  211. 

  212. function restore_local_radicale {

  213.     if [ -d ${RADICALE_DIRECTORY} ]; then

  214.         temp_restore_dir=/root/tempradicale

  215.         function_check restore_directory_from_usb

  216.         restore_directory_from_usb $temp_restore_dir radicale

  217.         if [ -d $temp_restore_dir${RADICALE_DIRECTORY} ]; then

  218.             cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  219.         else

  220.             cp -r $temp_restore_dir/* ${RADICALE_DIRECTORY}/

  221.         fi

  222.         # shellcheck disable=SC2181

  223.         if [ ! "$?" = "0" ]; then

  224.             function_check backup_unmount_drive

  225.             backup_unmount_drive

  226.             exit 46872

  227.         fi

  228.         rm -rf $temp_restore_dir

  229. 

  230.         temp_restore_dir=/root/tempradicalewww

  231.         restore_directory_from_usb $temp_restore_dir radicalewww

  232.         if [ -d $temp_restore_dir/var/www/radicale ]; then

  233.             cp -r $temp_restore_dir/var/www/radicale/* /var/www/radicale

  234.         else

  235.             cp -r $temp_restore_dir/* /var/www/radicale/*

  236.         fi

  237.         # shellcheck disable=SC2181

  238.         if [ ! "$?" = "0" ]; then

  239.             function_check backup_unmount_drive

  240.             backup_unmount_drive

  241.             exit 367363

  242.         fi

  243.         rm -rf $temp_restore_dir

  244.         chown -R www-data:www-data /var/www/radicale

  245. 

  246.         systemctl restart radicale

  247.     fi

  248. }

  249. 

  250. function backup_remote_radicale {

  251.     if [ -d ${RADICALE_DIRECTORY} ]; then

  252.         echo $"Backing up the radicale settings"

  253.         backup_directory_to_friend ${RADICALE_DIRECTORY} radicale

  254.         backup_directory_to_friend /var/www/radicale radicalewww

  255.         echo $"Backup of radicale settings complete"

  256.     fi

  257. }

  258. 

  259. function restore_remote_radicale {

  260.     if [ -d ${RADICALE_DIRECTORY} ]; then

  261.         temp_restore_dir=/root/tempradicale

  262.         function_check restore_directory_from_friend

  263.         restore_directory_from_friend $temp_restore_dir radicale

  264.         if [ -d $temp_restore_dir${RADICALE_DIRECTORY} ]; then

  265.             cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}

  266.         else

  267.             cp -r $temp_restore_dir/* ${RADICALE_DIRECTORY}/

  268.         fi

  269.         # shellcheck disable=SC2181

  270.         if [ ! "$?" = "0" ]; then

  271.             exit 236746

  272.         fi

  273.         rm -rf $temp_restore_dir

  274. 

  275.         temp_restore_dir=/root/tempradicalewww

  276.         restore_directory_from_friend $temp_restore_dir radicalewww

  277.         if [ -d $temp_restore_dir/var/www/radicale ]; then

  278.             cp -r $temp_restore_dir/var/www/radicale/* /var/www/radicale

  279.         else

  280.             cp -r $temp_restore_dir/* /var/www/radicale

  281.         fi

  282.         # shellcheck disable=SC2181

  283.         if [ ! "$?" = "0" ]; then

  284.             exit 3674284

  285.         fi

  286.         rm -rf $temp_restore_dir

  287.         chown -R www-data:www-data /var/www/radicale

  288. 

  289.         systemctl restart radicale

  290.     fi

  291. }

  292. 

  293. function remove_radicale {

  294.     nginx_dissite radicale

  295.     systemctl stop radicale

  296.     systemctl stop uwsgi_rundir

  297.     systemctl disable radicale

  298.     systemctl disable uwsgi_rundir

  299.     if [ -f /etc/systemd/system/uwsgi_rundir.service ]; then

  300.         rm /etc/systemd/system/uwsgi_rundir.service

  301.     fi

  302.     if [ -f /etc/systemd/system/radicale.service ]; then

  303.         rm /etc/systemd/system/radicale.service

  304.     fi

  305.     systemctl daemon-reload

  306.     if [ -f /etc/nginx/sites-available/radicale ]; then

  307.         rm /etc/nginx/sites-available/radicale

  308.     fi

  309.     if [ -f /usr/local/bin/uwsgi_rundir.sh ]; then

  310.         rm /usr/local/bin/uwsgi_rundir.sh

  311.     fi

  312. 

  313.     firewall_remove ${RADICALE_PORT} tcp

  314. 

  315.     groupdel -f radicale

  316.     userdel -r radicale

  317. 

  318.     function_check remove_onion_service

  319.     remove_onion_service radicale ${RADICALE_ONION_PORT}

  320. 

  321.     apt-get -yq remove --purge radicale python-radicale

  322.     if [ -d ${RADICALE_DIRECTORY} ]; then

  323.         rm -rf ${RADICALE_DIRECTORY}

  324.     fi

  325.     if [ -d /var/www/radicale ]; then

  326.         rm -rf /var/www/radicale

  327.     fi

  328.     if [ -f /var/log/radicale/radicale.log ]; then

  329.         rm -rf /var/log/radicale

  330.     fi

  331.     if [ -d /var/log/radicale ]; then

  332.         rm -rf /var/log/radicale

  333.     fi

  334.     if [ -d /var/lib/radicale ]; then

  335.         rm -rf /var/lib/radicale

  336.     fi

  337. 

  338.     remove_completion_param install_radicale

  339.     sed -i '/radicale/d' "$COMPLETION_FILE"

  340.     sed -i '/# Start radicale/,/# End radicale/d' "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  341.     systemctl restart nginx

  342. }

  343. 

  344. function install_radicale {

  345.     if [[ $ONION_ONLY == 'no' ]]; then

  346.         # obtain a cert for the default domain

  347.         if [[ "$(cert_exists "${DEFAULT_DOMAIN_NAME}" pem)" == "0" ]]; then

  348.             echo $'Obtaining certificate for the main domain'

  349.             create_site_certificate "${DEFAULT_DOMAIN_NAME}" 'yes'

  350.         fi

  351.     fi

  352. 

  353.     apt-get -yq remove --purge radicale python-radicale

  354. 

  355.     useradd -c "Radicale system account" -d /var/www/radicale -m -r -g radicale radicale

  356.     usermod -a -G www-data radicale

  357.     groupadd radicale

  358. 

  359.     # create directories

  360.     if [ ! -d /var/log/radicale ]; then

  361.         mkdir /var/log/radicale

  362.     fi

  363.     if [ ! -f /var/log/radicale/radicale.log ]; then

  364.         touch /var/log/radicale/radicale.log

  365.     fi

  366.     chown -R www-data:www-data /var/log/radicale

  367. 

  368.     apt-get -yq install python-setuptools apache2-utils

  369. 

  370.     if [ ! -d /var/www/radicale ]; then

  371.         mkdir -p /var/www/radicale

  372.     fi

  373. 

  374.     # get the source

  375.     cd /var/www/radicale || exit 462874628

  376.     wget ${RADICALE_DOWNLOAD_URL}${RADICALE_VERSION}.tar.gz

  377. 

  378.     # check the hash

  379.     hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')

  380.     if [[ "$hash" != "$RADICALE_HASH" ]]; then

  381.         echo $'radicale hash does not match'

  382.         exit 638532

  383.     fi

  384. 

  385.     tar -xzf Radicale-${RADICALE_VERSION}.tar.gz

  386.     if [ ! -d Radicale-${RADICALE_VERSION} ]; then

  387.         exit 623252

  388.     fi

  389.     rm Radicale-${RADICALE_VERSION}.tar.gz

  390.     cd "Radicale-${RADICALE_VERSION}" || exit 872462842

  391.     python setup.py install

  392.     if [ ! -f /usr/local/bin/radicale ]; then

  393.         echo $'Radicale did not install'

  394.         exit 7283554

  395.     fi

  396. 

  397.     if [ ! -d ${RADICALE_DIRECTORY} ]; then

  398.         mkdir ${RADICALE_DIRECTORY}

  399.     fi

  400.     if [ ! -d /var/www/radicale/collections ]; then

  401.         mkdir -p /var/www/radicale/collections

  402.     fi

  403. 

  404.     # create the configuration

  405.     { echo '[server]';

  406.       echo 'hosts=localhost:52322';

  407.       echo 'ssl = False';

  408.       echo 'daemon = False';

  409.       echo 'base_prefix=/radicale/';

  410.       echo '';

  411.       echo '[storage]';

  412.       echo 'type = filesystem';

  413.       echo "filesystem_folder = /var/www/radicale/collections";

  414.       echo '';

  415.       echo '[well-known]';

  416.       echo "caldav = '/%(user)s/caldav/'";

  417.       echo "carddav = '/%(user)s/carddav/'";

  418.       echo '';

  419.       echo '#[auth]';

  420.       echo '#imap_hostname = localhost';

  421.       echo '#imap_port = 143';

  422.       echo '#imap_ssl = False';

  423.       echo '';

  424.       echo '[logging]';

  425.       echo 'debug = False'; } > "${RADICALE_DIRECTORY}/config"

  426. 

  427.     # create an admin password

  428.     if [ ${#RADICALE_PASSWORD} -lt 8 ]; then

  429.         if [ -f "$IMAGE_PASSWORD_FILE" ]; then

  430.             RADICALE_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"

  431.         else

  432.             RADICALE_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"

  433.         fi

  434.     fi

  435.     add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"

  436. 

  437.     { echo '[Unit]';

  438.       echo 'Description=Radicale CalDAV Server';

  439.       echo 'After=network.target';

  440.       echo '';

  441.       echo '[Service]';

  442.       echo 'Type=simple';

  443.       echo 'User=www-data';

  444.       echo 'Group=www-data';

  445.       echo "ExecStart=/usr/local/bin/radicale --config ${RADICALE_DIRECTORY}/config";

  446.       echo 'Restart=on-failure';

  447.       echo 'RestartSec=10';

  448.       echo '';

  449.       echo '[Install]';

  450.       echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/radicale.service

  451. 

  452.     addresses_str=$"Addresses"

  453.     echo "{\"tag\": \"VADDRESSBOOK\", \"D:displayname\": \"${addresses_str}\"}" > /var/www/radicale/collections/addresses.props

  454.     touch /var/www/radicale/collections/addresses

  455. 

  456.     if [ ! -d /var/lib/radicale ]; then

  457.         mkdir /var/lib/radicale

  458.     fi

  459.     chown radicale:radicale /var/lib/radicale

  460. 

  461.     chown -R www-data:www-data /var/www/radicale

  462.     chmod -R 755 /var/www/radicale

  463.     chown -R www-data:www-data ${RADICALE_DIRECTORY}

  464. 

  465.     systemctl enable radicale

  466.     systemctl start radicale

  467. 

  468.     if [ ! -f "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}" ]; then

  469.         # create a new site config

  470.         RADICALE_ONION_HOSTNAME=$(add_onion_service radicale 80 ${RADICALE_ONION_PORT})

  471. 

  472.         if [[ $ONION_ONLY == 'no' ]]; then

  473.             { echo 'server {';

  474.               echo "    listen 443 ssl;";

  475.               echo "    #listen [::]:443 ssl;";

  476.               echo ''; } > "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  477.             function_check nginx_ssl

  478.             nginx_ssl "${DEFAULT_DOMAIN_NAME}" mobile

  479.             function_check nginx_security_options

  480.             nginx_security_options "${DEFAULT_DOMAIN_NAME}"

  481.             { echo '';

  482.               echo "    server_name ${DEFAULT_DOMAIN_NAME};";

  483. 

  484.               echo '';

  485.               echo '    access_log /dev/null;';

  486.               echo '    error_log /dev/null;';

  487.               echo '';

  488.               echo '    # Start radicale';

  489.               echo '    location @radicale {';

  490.               echo '        auth_basic "Radicale";';

  491.               echo '        auth_basic_user_file /var/www/radicale/users;';

  492.               echo '        proxy_pass http://localhost:52322;';

  493.               echo '        proxy_buffering off;';

  494.               echo "        proxy_set_header Host \$host;";

  495.               echo "        proxy_set_header X-Real-IP \$remote_addr;";

  496.               echo "        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";

  497.               echo "        proxy_set_header X-Forwarded-Proto \$scheme;";

  498.               echo '    }';

  499.               echo '';

  500.               echo '    location /radicale {';

  501.               echo "        try_files \$uri @radicale;";

  502.               echo '    }';

  503.               echo '';

  504.               echo '    location /.well-known/carddav {';

  505.               echo "        try_files \$uri @radicale;";

  506.               echo '    }';

  507.               echo '';

  508.               echo '    location /.well-known/caldav {';

  509.               echo "        try_files \$uri @radicale;";

  510.               echo '    }';

  511.               echo '    # End radicale';

  512.               echo '}';

  513.               echo ''; } >> "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  514.         else

  515.             echo -n '' > "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  516.         fi

  517.         { echo 'server {';

  518.           echo "    listen localhost:${RADICALE_ONION_PORT} default_server;";

  519.           echo '';

  520.           echo "    server_name ${RADICALE_ONION_HOSTNAME};";

  521.           echo '';

  522.           echo '    access_log /dev/null;';

  523.           echo '    error_log /dev/null;';

  524.           echo '';

  525.           echo '    # Start radicale';

  526.           echo '    location @radicale {';

  527.           echo '        auth_basic "Radicale";';

  528.           echo '        auth_basic_user_file /var/www/radicale/users;';

  529.           echo '        proxy_pass http://localhost:52322;';

  530.           echo '        proxy_buffering off;';

  531.           echo "        proxy_set_header Host \$host;";

  532.           echo "        proxy_set_header X-Real-IP \$remote_addr;";

  533.           echo "        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";

  534.           echo "        proxy_set_header X-Forwarded-Proto \$scheme;";

  535.           echo '    }';

  536.           echo '';

  537.           echo '    location /radicale {';

  538.           echo "        try_files \$uri @radicale;";

  539.           echo '    }';

  540.           echo '';

  541.           echo '    location /.well-known/carddav {';

  542.           echo "        try_files \$uri @radicale;";

  543.           echo '    }';

  544.           echo '';

  545.           echo '    location /.well-known/caldav {';

  546.           echo "        try_files \$uri @radicale;";

  547.           echo '    }';

  548.           echo '    # End radicale';

  549.           echo '}'; } >> "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  550. 

  551.         set_completion_param "radicale onion domain" "${RADICALE_ONION_HOSTNAME}"

  552.     else

  553.         # alter the existing site config

  554.         if ! grep -q "# Start radicale" "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"; then

  555.             sed -i "/]:443/a    # Start radicale\\n  location @radicale {\\n    auth_basic \"Radicale\";\\n    auth_basic_user_file \\/var\\/www\\/radicale\\/users;\\n    proxy_pass http:\\/\\/localhost:52322;\\n    proxy_buffering off;\\n    proxy_set_header Host \$host;\\n    proxy_set_header X-Real-IP \$remote_addr;\\n    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;\\n    proxy_set_header X-Forwarded-Proto \$scheme;\\n  }\\n\\n  location \\/radicale {\\n      try_files \$uri @radicale;\\n  }\\n\\n  location \\/.well-known\\/carddav {\\n      try_files \$uri @radicale;\\n  }\\n\\n  location \\/.well-known\\/caldav {\\n      try_files \$uri @radicale;\\n  }\\n  # End radicale" "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  556.             sed -i "/listen localhost/a    # Start radicale\\n  location @radicale {\\n    auth_basic \"Radicale\";\\n    auth_basic_user_file \\/var\\/www\\/radicale\\/users;\\n    proxy_pass http:\\/\\/localhost:52322;\\n    proxy_buffering off;\\n    proxy_set_header Host \$host;\\n    proxy_set_header X-Real-IP \$remote_addr;\\n    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;\\n    proxy_set_header X-Forwarded-Proto \$scheme;\\n  }\\n\\n  location \\/radicale {\\n      try_files \$uri @radicale;\\n  }\\n\\n  location \\/.well-known\\/carddav {\\n      try_files \$uri @radicale;\\n  }\\n\\n  location \\/.well-known\\/caldav {\\n      try_files \$uri @radicale;\\n  }\\n  # End radicale" "/etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME}"

  557.         fi

  558.     fi

  559. 

  560.     # create a certificate

  561.     if [ ! -f "/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" ]; then

  562.         if [ ! -f "/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt" ]; then

  563.             "${PROJECT_NAME}-addcert" -h "$DEFAULT_DOMAIN_NAME" --dhkey "${DH_KEYLENGTH}"

  564.             check_certificates "$DEFAULT_DOMAIN_NAME"

  565.         fi

  566.     fi

  567. 

  568.     if [ -f "/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" ]; then

  569.         sed -i "s|radicale.crt|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  570.         sed -i "s|radicale.pem|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale

  571.     fi

  572.     sed -i "s|radicale.key|${DEFAULT_DOMAIN_NAME}.key|g" /etc/nginx/sites-available/radicale

  573.     sed -i "s|radicale.dhparam|${DEFAULT_DOMAIN_NAME}.dhparam|g" /etc/nginx/sites-available/radicale

  574. 

  575.     update_default_domain

  576. 

  577.     systemctl restart nginx

  578. 

  579.     "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a radicale -p "$RADICALE_PASSWORD"

  580. 

  581.     # keep track of the version so we can check for upgrades

  582.     if ! grep -q "radicale version:" "${COMPLETION_FILE}"; then

  583.         echo "radicale version:${RADICALE_VERSION}" >> "${COMPLETION_FILE}"

  584.     else

  585.         sed -i "s|radicale version.*|radicale version:${RADICALE_VERSION}|g" "${COMPLETION_FILE}"

  586.     fi

  587. 

  588.     APP_INSTALLED=1

  589. }

  590. 

  591. # NOTE: deliberately no exit 0