diff options
Diffstat (limited to 'shib_secondary/remote/install.sh')
| -rwxr-xr-x | shib_secondary/remote/install.sh | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/shib_secondary/remote/install.sh b/shib_secondary/remote/install.sh new file mode 100755 index 0000000..dbd89ee --- /dev/null +++ b/shib_secondary/remote/install.sh @@ -0,0 +1,94 @@ +#!/bin/bash + +set -e + +domain= +master= +secret= + +while (( $# > 0 )); do + case "$1" in + --domain) + domain="$2" + shift + ;; + --master) + master="$2" + shift + ;; + --secret) + secret="$2" + shift + ;; + *) + echo "WAAT? NO MAHNEEY?" + exit 1 + esac + shift +done + +cd "$(dirname "$( readlink -f "$0" )" )" || cd /tmp/shib_deploy || exit 1 + +# Replace domain in everything +find . -type f -exec sed -i "s/%DOMAIN%/$domain/g" {} \; + +dest="/opt/bwlp" +mkdir -p "$dest" +mkdir -p "/etc/dnbd3-server" +cp check-and-toggle-mode.sh "$dest/" +cp copy-current-config.sh "$dest/" +cp bwlp-*.{service,timer} "/etc/systemd/system/" +cp dnbd3-*.service "/etc/systemd/system/" +cp ??0-bwlp-*.conf "/etc/apache2/sites-available/" +cp server.conf alt-servers "/etc/dnbd3-server/" + +sed -i "/$domain/d" "/etc/hosts" +echo "$master $domain" >> "/etc/hosts" + +apt install -y apache2 socat libjansson4 \ + libapache2-mod-php php-curl php-json php-mbstring php-mysql \ + libapache2-mod-shib mariadb-server default-jre-headless + +a2enmod proxy proxy_http ssl headers +mkdir -p /var/log/apache2/masterserver +rm -f -- /etc/apache2/sites-enabled/*.conf +ln -nfs ../sites-available/000-bwlp-default.conf /etc/apache2/sites-enabled/000-bwlp-default.conf + +if ! id bwlp; then + adduser --disabled-password --comment 'bwlp-user' bwlp +fi + +echo "SHARED_SECRET='$secret'" > /opt/bwlp/config + +mariadb <<EOF +CREATE DATABASE IF NOT EXISTS bwlp; +CREATE USER IF NOT EXISTS 'bwlp'@'localhost'; +SET PASSWORD FOR 'bwlp'@'localhost' = PASSWORD('geheim'); +GRANT ALL PRIVILEGES ON bwlp.* TO 'bwlp'@'localhost'; +EOF + +mkdir -p "/home/bwlp/server/config/" +cp global.properties mysql.properties "/home/bwlp/server/config/" +chown -R bwlp:bwlp "/home/bwlp/server/" +chmod -R o-rwx "/home/bwlp/server/config/" + +mkdir -p "/var/www/masterserver/webif/" +cp config.php "/var/www/masterserver/webif/" +chgrp www-data "/var/www/masterserver/webif/config.php" +chmod o-rwx "/var/www/masterserver/webif/config.php" + +if ! id dnbd3; then + adduser --disabled-password --comment 'dnbd3-user' dnbd3 +fi +if mountpoint /mnt/store; then + mkdir -p /mnt/store/dnbd3 + chown -R dnbd3:dnbd3 /mnt/store/dnbd3 +fi + +systemctl daemon-reload +systemctl enable --now bwlp-check-master.timer bwlp-copy-config.timer + +systemctl start bwlp-copy-config.service +systemctl start bwlp-check-master.service + +: |