def post_install(self, vars, dbpasswd=""): # Create Lychee automatic configuration file with open(os.path.join(self.path, 'data', 'config.php'), 'w') as f: f.write( '<?php\n' ' if(!defined(\'LYCHEE\')) exit(\'Error: Direct access is allowed!\');\n' ' $dbHost = \'localhost\';\n' ' $dbUser = \'' + self.db.id + '\';\n' ' $dbPassword = \'' + dbpasswd + '\';\n' ' $dbName = \'' + self.db.id + '\';\n' ' $dbTablePrefix = \'\';\n' '?>\n') # Make sure that the correct PHP settings are enabled php.enable_mod('mysql', 'mysqli', 'gd', 'zip', 'exif', 'json', 'mbstring') # Rename lychee index.html to index.php to make it work with our default nginx config os.rename(os.path.join(self.path, "index.html"), os.path.join(self.path, "index.php")) # Finally, make sure that permissions are set so that Lychee # can make adjustments and save plugins when need be. uid, gid = users.get_system("http").uid, groups.get_system("http").gid for r, d, f in os.walk(self.path): for x in d: os.chown(os.path.join(r, x), uid, gid) for x in f: os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""): # Write a basic index file showing that we are here if extra_vars.get('php'): php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini") index_ext = 'php' if extra_vars.get('php') else 'html' index_path = os.path.join(self.path, 'index.{0}'.format(index_ext)) addr = self.domain + (":" + str(self.port) if self.port != 80 else "") with open(index_path, 'w') as f: f.write( '<html>\n' '<body>\n' '<div style="text-align:center;margin-top:20%;font-family:sans-serif;">\n' '<img style="width: 300px;" src="https://cdn.citizenweb.io/static/img/arkos-2-01.png" />\n' '<h1>Custom Website</h1>\n' '<p>Your site is online at http://{0}, and stored at {0}</p>\n' '<p>Feel free to paste your site files there!</p>\n' '</div>\n' '</body>\n' '</html>\n'.format(addr, self.path)) # Give access to httpd uid, gid = users.get_system("http").uid, groups.get_system("http").gid for r, d, f in os.walk(self.path): for x in d: os.chown(os.path.join(r, x), uid, gid) for x in f: os.chown(os.path.join(r, x), uid, gid)
def post_install(self, vars, dbpasswd=""): # Create Lychee automatic configuration file with open(os.path.join(self.path, 'data', 'config.php'), 'w') as f: f.write( '<?php\n' ' if(!defined(\'LYCHEE\')) exit(\'Error: Direct access is allowed!\');\n' ' $dbHost = \'localhost\';\n' ' $dbUser = \'' + self.db.id + '\';\n' ' $dbPassword = \'' + dbpasswd + '\';\n' ' $dbName = \'' + self.db.id + '\';\n' ' $dbTablePrefix = \'\';\n' '?>\n' ) # Make sure that the correct PHP settings are enabled php.enable_mod('mysql', 'mysqli', 'gd', 'zip', 'exif', 'json', 'mbstring') # Rename lychee index.html to index.php to make it work with our default nginx config os.rename(os.path.join(self.path, "index.html"), os.path.join(self.path, "index.php")) # Finally, make sure that permissions are set so that Lychee # can make adjustments and save plugins when need be. uid, gid = users.get_system("http").uid, groups.get_system("http").gid for r, d, f in os.walk(self.path): for x in d: os.chown(os.path.join(r, x), uid, gid) for x in f: os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""): secret_key = random_string() dbengine = 'mysql' \ if self.app.selected_dbengine == 'db-mariadb' \ else 'sqlite' # Write a standard Wallabag config file config_file = os.path.join(self.path, 'app/config/parameters.yml') with open(config_file + ".dist", 'r') as f: ic = f.readlines() with open(config_file, 'w') as f: for l in ic: if "database_driver: " in l: pdo = "pdo_mysql" if dbengine == "mysql" else "pdo_sqlite" l = " database_driver: {0}\n".format(pdo) elif "database_path: " in l and dbengine == 'sqlite': l = " database_path: {0}\n".format(self.db.path) elif "database_name: " in l and dbengine == 'mysql': l = " database_name: {0}\n".format(self.db.id) elif "database_user: "******" database_user: {0}\n".format(self.db.id) elif "database_password: "******"{0}"\n'.format(dbpasswd) elif "secret: " in l: l = " secret: {0}\n".format(secret_key) f.write(l) # Make sure that the correct PHP settings are enabled php.enable_mod('sqlite3', 'bcmath', 'pdo_mysql' if dbengine == 'mysql' else 'pdo_sqlite', 'zip', 'tidy') php.open_basedir('add', '/usr/bin/php') uid, gid = users.get_system("http").uid, groups.get_system("http").gid # Set up the database then delete the install folder if dbengine == 'sqlite3': php.open_basedir('add', '/var/lib/sqlite3') cwd = os.getcwd() os.chdir(self.path) s = shell("php bin/console wallabag:install --env=prod -n") if s["code"] != 0: logger.error("Websites", s["stderr"].decode()) raise errors.OperationFailedError( "Failed to populate database. See logs for more info") os.chdir(cwd) if dbengine == 'sqlite3': os.chown("/var/lib/sqlite3/{0}.db".format(self.db.id), -1, gid) os.chmod("/var/lib/sqlite3/{0}.db".format(self.db.id), 0o660) # Finally, make sure that permissions are set so that Wallabag # can make adjustments and save plugins when need be. for r, d, f in os.walk(self.path): for x in d: os.chown(os.path.join(r, x), uid, gid) for x in f: os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""): secret_key = random_string() # Use the WordPress key generators as first option # If connection fails, use the secret_key as fallback try: keysection = requests.get( 'https://api.wordpress.org/secret-key/1.1/salt/').text except: keysection = '' if 'define(\'AUTH_KEY' not in keysection: keysection = ( 'define(\'AUTH_KEY\', \'{0}\');\n' 'define(\'SECURE_AUTH_KEY\', \'{0}\');\n' 'define(\'LOGGED_IN_KEY\', \'{0}\');\n' 'define(\'NONCE_KEY\', \'{0}\');\n'.format(secret_key) ) # Write a standard WordPress config file with open(os.path.join(self.path, 'wp-config.php'), 'w') as f: f.write('<?php\n' 'define(\'DB_NAME\', \'{0}\');\n' 'define(\'DB_USER\', \'{0}\');\n' 'define(\'DB_PASSWORD\', \'{1}\');\n' 'define(\'DB_HOST\', \'localhost\');\n' 'define(\'DB_CHARSET\', \'utf8\');\n' 'define(\'SECRET_KEY\', \'{2}\');\n' '\n' 'define(\'WP_CACHE\', true);\n' 'define(\'FORCE_SSL_ADMIN\', false);\n' '\n' '{3}' '\n' '$table_prefix = \'wp_\';\n' '\n' '/** Absolute path to the WordPress directory. */\n' 'if ( !defined(\'ABSPATH\') )\n' ' define(\'ABSPATH\', dirname(__FILE__) . \'/\');\n' '\n' '/** Sets up WordPress vars and included files. */\n' 'require_once(ABSPATH . \'wp-settings.php\');\n' .format(self.db.id, dbpasswd, secret_key, keysection) ) # Make sure that the correct PHP settings are enabled php.enable_mod('mysqli', 'opcache') php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini") # Finally, make sure that permissions are set so that Wordpress # can make adjustments and save plugins when need be. uid, gid = users.get_system("http").uid, groups.get_system("http").gid for r, d, f in os.walk(self.path): for x in d: os.chown(os.path.join(r, x), uid, gid) for x in f: os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""): # Get around top-level zip restriction (FIXME 0.7.2) if "paperwork-master" in os.listdir(self.path): tmp_path = os.path.abspath(os.path.join(self.path, "../pwrk-tmp")) os.rename(os.path.join(self.path, "paperwork-master/frontend"), tmp_path) os.rename(os.path.join(self.path, ".arkos"), os.path.join(tmp_path, ".arkos")) shutil.rmtree(self.path) os.rename(tmp_path, self.path) # Make sure that the correct PHP settings are enabled php.enable_mod('gd', 'opcache', 'mysql', 'pdo_mysql', 'mcrypt') php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini") dbstr = "mysql, localhost, 3389, {0}, {1}, {0}"\ .format(self.id, dbpasswd) with open(os.path.join(self.path, 'app/storage/db_settings'), 'w') as f: f.write(dbstr) php.composer_install(self.path) nodejs.install("gulp", as_global=True) nodejs.install_from_package(self.path, stat=None) cwd = os.getcwd() os.chdir(self.path) s = shell("bower install --allow-root", stdin='y\n') if s["code"] != 0: raise Exception("Failed to run bower: {0}".format(s["stderr"])) s = shell("gulp") if s["code"] != 0: raise Exception("Failed to run gulp: {0}".format(s["stderr"])) s = shell("php artisan migrate --force") if s["code"] != 0: raise Exception("Failed to run artisan: {0}".format(s["stderr"])) os.chdir(cwd) # Make sure the webapps config points to the public directory. c = nginx.loadf(os.path.join('/etc/nginx/sites-available', self.id)) for x in c.servers: if x.filter('Key', 'root'): x.filter('Key', 'root')[0].value = \ os.path.join(self.path, 'public') nginx.dumpf(c, os.path.join('/etc/nginx/sites-available', self.id)) uid, gid = users.get_system("http").uid, groups.get_system("http").gid for r, d, f in os.walk(os.path.join(self.path, 'app')): for x in d: os.chmod(os.path.join(r, x), 0o755) os.chown(os.path.join(r, x), uid, gid) for x in f: os.chmod(os.path.join(r, x), 0o644) os.chown(os.path.join(r, x), uid, gid) if os.path.exists(os.path.join(self.path, 'app/storage/setup')): os.unlink(os.path.join(self.path, 'app/storage/setup'))
def post_install(self, vars, dbpasswd=""): secret_key = random_string() # Use the WordPress key generators as first option # If connection fails, use the secret_key as fallback try: keysection = urllib.urlopen('https://api.wordpress.org/secret-key/1.1/salt/').read() except: keysection = '' if not 'define(\'AUTH_KEY' in keysection: keysection = ( 'define(\'AUTH_KEY\', \''+secret_key+'\');\n' 'define(\'SECURE_AUTH_KEY\', \''+secret_key+'\');\n' 'define(\'LOGGED_IN_KEY\', \''+secret_key+'\');\n' 'define(\'NONCE_KEY\', \''+secret_key+'\');\n' ) # Write a standard WordPress config file with open(os.path.join(self.path, 'wp-config.php'), 'w') as f: f.write('<?php\n' 'define(\'DB_NAME\', \''+self.db.id+'\');\n' 'define(\'DB_USER\', \''+self.db.id+'\');\n' 'define(\'DB_PASSWORD\', \''+dbpasswd+'\');\n' 'define(\'DB_HOST\', \'localhost\');\n' 'define(\'DB_CHARSET\', \'utf8\');\n' 'define(\'SECRET_KEY\', \''+secret_key+'\');\n' '\n' 'define(\'WP_CACHE\', true);\n' 'define(\'FORCE_SSL_ADMIN\', false);\n' '\n' +keysection+ '\n' '$table_prefix = \'wp_\';\n' '\n' '/** Absolute path to the WordPress directory. */\n' 'if ( !defined(\'ABSPATH\') )\n' ' define(\'ABSPATH\', dirname(__FILE__) . \'/\');\n' '\n' '/** Sets up WordPress vars and included files. */\n' 'require_once(ABSPATH . \'wp-settings.php\');\n' ) # Make sure that the correct PHP settings are enabled php.enable_mod('mysqli', 'opcache') php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini") # Finally, make sure that permissions are set so that Wordpress # can make adjustments and save plugins when need be. uid, gid = users.get_system("http").uid, groups.get_system("http").gid for r, d, f in os.walk(self.path): for x in d: os.chown(os.path.join(r, x), uid, gid) for x in f: os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""): # Add execution flag to binaries st = os.stat(os.path.join(self.path, "bin/gpm")) os.chmod(os.path.join(self.path, "bin/gpm"), st.st_mode | 0o111) st = os.stat(os.path.join(self.path, "bin/grav")) os.chmod(os.path.join(self.path, "bin/grav"), st.st_mode | 0o111) st = os.stat(os.path.join(self.path, "bin/plugin")) os.chmod(os.path.join(self.path, "bin/plugin"), st.st_mode | 0o111) # Make sure that the correct PHP settings are enabled php.enable_mod('curl', 'gd', 'opcache', 'zip') php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini")
def post_install(self, vars, dbpasswd=""): # Get around top-level zip restriction (FIXME 0.7.2) if "paperwork-master" in os.listdir(self.path): tmp_path = os.path.abspath(os.path.join(self.path, "../pwrk-tmp")) os.rename(os.path.join(self.path, "paperwork-master/frontend"), tmp_path) os.rename(os.path.join(self.path, ".arkos"), os.path.join(tmp_path, ".arkos")) shutil.rmtree(self.path) os.rename(tmp_path, self.path) # Make sure that the correct PHP settings are enabled php.enable_mod('gd', 'opcache', 'mysql', 'pdo_mysql', 'mcrypt') php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini") dbstr = "mysql, localhost, 3389, {0}, {1}, {0}".format(self.id, dbpasswd) with open(os.path.join(self.path, 'app/storage/db_settings'), 'w') as f: f.write(dbstr) php.composer_install(self.path) nodejs.install("gulp", as_global=True) nodejs.install_from_package(self.path, stat=None) cwd = os.getcwd() os.chdir(self.path) s = shell("bower install --allow-root", stdin='y\n') if s["code"] != 0: raise Exception("Failed to run bower: %s" % s["stderr"]) s = shell("gulp") if s["code"] != 0: raise Exception("Failed to run gulp: %s" % s["stderr"]) s = shell("php artisan migrate --force") if s["code"] != 0: raise Exception("Failed to run artisan: %s" % s["stderr"]) os.chdir(cwd) # Make sure the webapps config points to the public directory. c = nginx.loadf(os.path.join('/etc/nginx/sites-available', self.id)) for x in c.servers: if x.filter('Key', 'root'): x.filter('Key', 'root')[0].value = os.path.join(self.path, 'public') nginx.dumpf(c, os.path.join('/etc/nginx/sites-available', self.id)) uid, gid = users.get_system("http").uid, groups.get_system("http").gid for r, d, f in os.walk(os.path.join(self.path, 'app')): for x in d: os.chmod(os.path.join(r, x), 0755) os.chown(os.path.join(r, x), uid, gid) for x in f: os.chmod(os.path.join(r, x), 0644) os.chown(os.path.join(r, x), uid, gid) if os.path.exists(os.path.join(self.path, 'app/storage/setup')): os.unlink(os.path.join(self.path, 'app/storage/setup'))
def post_install(self, vars, dbpasswd=""): # Get around top-level zip restriction (FIXME 0.7.2) if "grav-admin" in os.listdir(self.path): tmp_path = os.path.abspath(os.path.join(self.path, "../grav-tmp")) os.rename(os.path.join(self.path, "grav-admin"), tmp_path) os.rename(os.path.join(self.path, ".arkos"), os.path.join(tmp_path, ".arkos")) shutil.rmtree(self.path) os.rename(tmp_path, self.path) # Add execution flag to binaries st = os.stat(os.path.join(self.path, "bin/gpm")) os.chmod(os.path.join(self.path, "bin/gpm"), st.st_mode | 0111) st = os.stat(os.path.join(self.path, "bin/grav")) os.chmod(os.path.join(self.path, "bin/grav"), st.st_mode | 0111) st = os.stat(os.path.join(self.path, "bin/plugin")) os.chmod(os.path.join(self.path, "bin/plugin"), st.st_mode | 0111) # Make sure that the correct PHP settings are enabled php.enable_mod('curl', 'gd', 'opcache', 'zip') php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini")
def post_install(self, vars, dbpasswd=""): # Write a basic index file showing that we are here if vars.get('php'): php.enable_mod('xcache') with open(os.path.join(self.path, 'index.'+('php' if vars.get('php') else 'html')), 'w') as f: f.write( '<html>\n' '<body>\n' '<h1>Genesis - Custom Site</h1>\n' '<p>Your site is online and available at '+self.path+'</p>\n' '<p>Feel free to paste your site files here</p>\n' '</body>\n' '</html>\n' ) # Give access to httpd uid, gid = users.get_system("http").uid, groups.get_system("http").gid for r, d, f in os.walk(self.path): for x in d: os.chown(os.path.join(r, x), uid, gid) for x in f: os.chown(os.path.join(r, x), uid, gid)
def post_install(self, vars, dbpasswd=""): secret_key = random_string() # If there is a custom path for the data directory, add to open_basedir uid, gid = users.get_system("http").uid, groups.get_system("http").gid if not self.data_path.startswith(self.path): os.makedirs(os.path.join(self.path, "data")) os.chown(os.path.join(self.path, "data"), uid, gid) php.open_basedir('add', self.data_path) # Create ownCloud automatic configuration file with open(os.path.join(self.path, 'config', 'autoconfig.php'), 'w') as f: f.write('<?php\n' ' $AUTOCONFIG = array(\n' ' "adminlogin" => "admin",\n' ' "adminpass" => "' + dbpasswd + '",\n' ' "dbtype" => "mysql",\n' ' "dbname" => "' + self.db.id + '",\n' ' "dbuser" => "' + self.db.id + '",\n' ' "dbpass" => "' + dbpasswd + '",\n' ' "dbhost" => "localhost",\n' ' "dbtableprefix" => "",\n' ' "directory" => "' + self.data_path + '",\n' ' );\n' '?>\n') os.chown(os.path.join(self.path, 'config', 'autoconfig.php'), uid, gid) # Make sure that the correct PHP settings are enabled php.enable_mod('mysql', 'pdo_mysql', 'zip', 'gd', 'ldap', 'iconv', 'openssl', 'xcache', 'posix') # Make sure xcache has the correct settings, otherwise ownCloud breaks with open('/etc/php/conf.d/xcache.ini', 'w') as f: f.writelines([ 'extension=xcache.so\n', 'xcache.size=64M\n', 'xcache.var_size=64M\n', 'xcache.admin.enable_auth = Off\n', 'xcache.admin.user = "******"\n', 'xcache.admin.pass = "******"\n' ]) php.change_setting("always_populate_raw_post_data", "-1") mydir = os.getcwd() os.chdir(self.path) s = shell("sudo -u http php index.php") if s["code"] != 0: raise Exception("ownCloud database population failed") s = shell("sudo -u http php occ app:enable user_ldap") if s["code"] != 0: raise Exception("ownCloud LDAP configuration failed") os.chdir(mydir) ldap_sql = ( "REPLACE INTO appconfig (appid, configkey, configvalue) VALUES" "('user_ldap', 'ldap_uuid_attribute', 'auto')," "('user_ldap', 'ldap_host', 'localhost')," "('user_ldap', 'ldap_port', '389')," "('user_ldap', 'ldap_base', 'dc=arkos-servers,dc=org')," "('user_ldap', 'ldap_base_users', 'dc=arkos-servers,dc=org')," "('user_ldap', 'ldap_base_groups', 'dc=arkos-servers,dc=org')," "('user_ldap', 'ldap_tls', '0')," "('user_ldap', 'ldap_display_name', 'cn')," "('user_ldap', 'ldap_userlist_filter', 'objectClass=mailAccount')," "('user_ldap', 'ldap_group_filter', 'objectClass=posixGroup')," "('user_ldap', 'ldap_group_display_name', 'cn')," "('user_ldap', 'ldap_group_member_assoc_attribute', 'uniqueMember')," "('user_ldap', 'ldap_login_filter', '(&(|(objectclass=posixAccount))(|(uid=%uid)))')," "('user_ldap', 'ldap_quota_attr', 'mailQuota')," "('user_ldap', 'ldap_quota_def', '')," "('user_ldap', 'ldap_email_attr', 'mail')," "('user_ldap', 'ldap_cache_ttl', '600')," "('user_ldap', 'ldap_configuration_active', '1')," "('user_ldap', 'home_folder_naming_rule', '')," "('user_ldap', 'ldap_backup_host', '')," "('user_ldap', 'ldap_dn', '')," "('user_ldap', 'ldap_agent_password', '')," "('user_ldap', 'ldap_backup_port', '')," "('user_ldap', 'ldap_nocase', '')," "('user_ldap', 'ldap_turn_off_cert_check', '')," "('user_ldap', 'ldap_override_main_server', '')," "('user_ldap', 'ldap_attributes_for_user_search', '')," "('user_ldap', 'ldap_attributes_for_group_search', '')," "('user_ldap', 'ldap_expert_username_attr', 'uid')," "('user_ldap', 'ldap_expert_uuid_attr', '');") self.db.execute(ldap_sql, commit=True) # TODO set authed user name self.db.execute("INSERT INTO group_user VALUES ('admin','testuser');", commit=True)
def post_install(self, vars, dbpasswd=""): secret_key = random_string() # If there is a custom path for the data directory, add to open_basedir uid, gid = users.get_system("http").uid, groups.get_system("http").gid if not self.data_path.startswith(self.path): os.makedirs(os.path.join(self.path, "data")) os.chown(os.path.join(self.path, "data"), uid, gid) php.open_basedir('add', self.data_path) # Create ownCloud automatic configuration file with open(os.path.join(self.path, 'config', 'autoconfig.php'), 'w') as f: f.write( '<?php\n' ' $AUTOCONFIG = array(\n' ' "adminlogin" => "admin",\n' ' "adminpass" => "'+dbpasswd+'",\n' ' "dbtype" => "mysql",\n' ' "dbname" => "'+self.db.id+'",\n' ' "dbuser" => "'+self.db.id+'",\n' ' "dbpass" => "'+dbpasswd+'",\n' ' "dbhost" => "localhost",\n' ' "dbtableprefix" => "",\n' ' "directory" => "'+self.data_path+'",\n' ' );\n' '?>\n' ) os.chown(os.path.join(self.path, 'config', 'autoconfig.php'), uid, gid) # Make sure that the correct PHP settings are enabled php.enable_mod('mysql', 'pdo_mysql', 'zip', 'gd', 'ldap', 'iconv', 'openssl', 'xcache', 'posix') # Make sure xcache has the correct settings, otherwise ownCloud breaks with open('/etc/php/conf.d/xcache.ini', 'w') as f: f.writelines(['extension=xcache.so\n', 'xcache.size=64M\n', 'xcache.var_size=64M\n', 'xcache.admin.enable_auth = Off\n', 'xcache.admin.user = "******"\n', 'xcache.admin.pass = "******"\n']) php.change_setting("always_populate_raw_post_data", "-1") mydir = os.getcwd() os.chdir(self.path) s = shell("sudo -u http php index.php") if s["code"] != 0: raise Exception("ownCloud database population failed") s = shell("sudo -u http php occ app:enable user_ldap") if s["code"] != 0: raise Exception("ownCloud LDAP configuration failed") os.chdir(mydir) ldap_sql = ("REPLACE INTO appconfig (appid, configkey, configvalue) VALUES" "('user_ldap', 'ldap_uuid_attribute', 'auto')," "('user_ldap', 'ldap_host', 'localhost')," "('user_ldap', 'ldap_port', '389')," "('user_ldap', 'ldap_base', 'dc=arkos-servers,dc=org')," "('user_ldap', 'ldap_base_users', 'dc=arkos-servers,dc=org')," "('user_ldap', 'ldap_base_groups', 'dc=arkos-servers,dc=org')," "('user_ldap', 'ldap_tls', '0')," "('user_ldap', 'ldap_display_name', 'cn')," "('user_ldap', 'ldap_userlist_filter', 'objectClass=mailAccount')," "('user_ldap', 'ldap_group_filter', 'objectClass=posixGroup')," "('user_ldap', 'ldap_group_display_name', 'cn')," "('user_ldap', 'ldap_group_member_assoc_attribute', 'uniqueMember')," "('user_ldap', 'ldap_login_filter', '(&(|(objectclass=posixAccount))(|(uid=%uid)))')," "('user_ldap', 'ldap_quota_attr', 'mailQuota')," "('user_ldap', 'ldap_quota_def', '')," "('user_ldap', 'ldap_email_attr', 'mail')," "('user_ldap', 'ldap_cache_ttl', '600')," "('user_ldap', 'ldap_configuration_active', '1')," "('user_ldap', 'home_folder_naming_rule', '')," "('user_ldap', 'ldap_backup_host', '')," "('user_ldap', 'ldap_dn', '')," "('user_ldap', 'ldap_agent_password', '')," "('user_ldap', 'ldap_backup_port', '')," "('user_ldap', 'ldap_nocase', '')," "('user_ldap', 'ldap_turn_off_cert_check', '')," "('user_ldap', 'ldap_override_main_server', '')," "('user_ldap', 'ldap_attributes_for_user_search', '')," "('user_ldap', 'ldap_attributes_for_group_search', '')," "('user_ldap', 'ldap_expert_username_attr', 'uid')," "('user_ldap', 'ldap_expert_uuid_attr', '');" ) self.db.execute(ldap_sql, commit=True) # TODO set authed user name self.db.execute("INSERT INTO group_user VALUES ('admin','testuser');", commit=True)
def post_install(self, vars, dbpasswd=""): secret_key = random_string() dbengine = 'mysql' if self.meta.selected_dbengine == 'db-mariadb' else 'sqlite' username = vars.get("wb-username") passwd = vars.get("wb-passwd") + username + secret_key passwd = hashlib.sha1(passwd).hexdigest() # Write a standard Wallabag config file shutil.copy( os.path.join(self.path, 'inc/poche/config.inc.default.php'), os.path.join(self.path, 'inc/poche/config.inc.php')) with open(os.path.join(self.path, 'inc/poche/config.inc.php'), 'r') as f: ic = f.readlines() oc = [] for l in ic: if 'define (\'SALT\'' in l: l = '@define (\'SALT\', \'' + secret_key + '\');\n' oc.append(l) elif 'define (\'STORAGE\'' in l: l = '@define (\'STORAGE\', \'' + dbengine + '\');\n' oc.append(l) elif 'define (\'STORAGE_SQLITE\'' in l and dbengine == 'sqlite': l = '@define (\'STORAGE_SQLITE\', \'/var/lib/sqlite3/' + self.db.id + '.db\');\n' oc.append(l) elif 'define (\'STORAGE_DB\'' in l and dbengine == 'mysql': l = '@define (\'STORAGE_DB\', \'' + self.db.id + '\');\n' oc.append(l) elif 'define (\'STORAGE_USER\'' in l and dbengine == 'mysql': l = '@define (\'STORAGE_USER\', \'' + self.db.id + '\');\n' oc.append(l) elif 'define (\'STORAGE_PASSWORD\'' in l and dbengine == 'mysql': l = '@define (\'STORAGE_PASSWORD\', \'' + dbpasswd + '\');\n' oc.append(l) else: oc.append(l) with open(os.path.join(self.path, 'inc/poche/config.inc.php'), 'w') as f: f.writelines(oc) # Make sure that the correct PHP settings are enabled php.enable_mod('mysql' if dbengine == 'mysql' else 'sqlite3', 'pdo_mysql' if dbengine == 'mysql' else 'pdo_sqlite', 'zip', 'tidy', 'xcache', 'openssl') # Set up Composer and install the proper modules php.composer_install(self.path) uid, gid = users.get_system("http").uid, groups.get_system("http").gid # Set up the database then delete the install folder if dbengine == 'mysql': with open(os.path.join(self.path, 'install/mysql.sql')) as f: self.db.execute(f.read()) self.db.execute( "INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');" % (username, passwd, username), commit=True) lid = int(self.db.manager.connection.insert_id()) self.db.execute( "INSERT INTO users_config (user_id, name, value) VALUES (%s, 'pager', '10');" % lid, commit=True) self.db.execute( "INSERT INTO users_config (user_id, name, value) VALUES (%s, 'language', 'en_EN.UTF8');" % lid, commit=True) else: shutil.copy(os.path.join(self.path, 'install/poche.sqlite'), '/var/lib/sqlite3/%s.db' % self.db.id) php.open_basedir('add', '/var/lib/sqlite3') os.chown("/var/lib/sqlite3/%s.db" % self.db.id, -1, gid) os.chmod("/var/lib/sqlite3/%s.db", 0664) self.db.execute( "INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');" % (username, passwd, username)) self.db.execute( "INSERT INTO users_config (user_id, name, value) VALUES (1, 'pager', '10');" ) self.db.execute( "INSERT INTO users_config (user_id, name, value) VALUES (1, 'language', 'en_EN.UTF8');" ) shutil.rmtree(os.path.join(self.path, 'install')) # Finally, make sure that permissions are set so that Wallabag # can make adjustments and save plugins when need be. for r, d, f in os.walk(self.path): for x in d: if d in ["assets", "cache", "db"]: os.chmod(os.path.join(r, d), 0755) os.chown(os.path.join(r, x), uid, gid) for x in f: os.chown(os.path.join(r, x), uid, gid)
def post_install(self, vars, dbpasswd=""): secret_key = random_string() dbengine = 'mysql' if self.meta.selected_dbengine == 'db-mariadb' else 'sqlite' username = vars.get("wb-username") passwd = vars.get("wb-passwd") + username + secret_key passwd = hashlib.sha1(passwd).hexdigest() # Write a standard Wallabag config file shutil.copy(os.path.join(self.path, 'inc/poche/config.inc.default.php'), os.path.join(self.path, 'inc/poche/config.inc.php')) with open(os.path.join(self.path, 'inc/poche/config.inc.php'), 'r') as f: ic = f.readlines() oc = [] for l in ic: if 'define (\'SALT\'' in l: l = '@define (\'SALT\', \''+secret_key+'\');\n' oc.append(l) elif 'define (\'STORAGE\'' in l: l = '@define (\'STORAGE\', \''+dbengine+'\');\n' oc.append(l) elif 'define (\'STORAGE_SQLITE\'' in l and dbengine == 'sqlite': l = '@define (\'STORAGE_SQLITE\', \'/var/lib/sqlite3/'+self.db.id+'.db\');\n' oc.append(l) elif 'define (\'STORAGE_DB\'' in l and dbengine == 'mysql': l = '@define (\'STORAGE_DB\', \''+self.db.id+'\');\n' oc.append(l) elif 'define (\'STORAGE_USER\'' in l and dbengine == 'mysql': l = '@define (\'STORAGE_USER\', \''+self.db.id+'\');\n' oc.append(l) elif 'define (\'STORAGE_PASSWORD\'' in l and dbengine == 'mysql': l = '@define (\'STORAGE_PASSWORD\', \''+dbpasswd+'\');\n' oc.append(l) else: oc.append(l) with open(os.path.join(self.path, 'inc/poche/config.inc.php'), 'w') as f: f.writelines(oc) # Make sure that the correct PHP settings are enabled php.enable_mod('mysql' if dbengine == 'mysql' else 'sqlite3', 'pdo_mysql' if dbengine == 'mysql' else 'pdo_sqlite', 'zip', 'tidy', 'xcache', 'openssl') # Set up Composer and install the proper modules php.composer_install(self.path) uid, gid = users.get_system("http").uid, groups.get_system("http").gid # Set up the database then delete the install folder if dbengine == 'mysql': with open(os.path.join(self.path, 'install/mysql.sql')) as f: self.db.execute(f.read()) self.db.execute( "INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');" % (username, passwd, username), commit=True) lid = int(self.db.manager.connection.insert_id()) self.db.execute( "INSERT INTO users_config (user_id, name, value) VALUES (%s, 'pager', '10');" % lid, commit=True) self.db.execute( "INSERT INTO users_config (user_id, name, value) VALUES (%s, 'language', 'en_EN.UTF8');" % lid, commit=True) else: shutil.copy(os.path.join(self.path, 'install/poche.sqlite'), '/var/lib/sqlite3/%s.db' % self.db.id) php.open_basedir('add', '/var/lib/sqlite3') os.chown("/var/lib/sqlite3/%s.db" % self.db.id, -1, gid) os.chmod("/var/lib/sqlite3/%s.db", 0664) self.db.execute( "INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');" % (username, passwd, username)) self.db.execute( "INSERT INTO users_config (user_id, name, value) VALUES (1, 'pager', '10');") self.db.execute( "INSERT INTO users_config (user_id, name, value) VALUES (1, 'language', 'en_EN.UTF8');") shutil.rmtree(os.path.join(self.path, 'install')) # Finally, make sure that permissions are set so that Wallabag # can make adjustments and save plugins when need be. for r, d, f in os.walk(self.path): for x in d: if d in ["assets", "cache", "db"]: os.chmod(os.path.join(r, d), 0755) os.chown(os.path.join(r, x), uid, gid) for x in f: os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""): php.open_basedir('add', '/dev') # If there is a custom path for the data directory, add to open_basedir uid, gid = users.get_system("http").uid, groups.get_system("http").gid os.makedirs(os.path.join(self.path, "data")) os.chown(os.path.join(self.path, "data"), uid, gid) if self.data_path == self.path: self.data_path = os.path.join(self.path, "data") else: try: os.makedirs(os.path.join(self.data_path)) except OSError as e: if e[0] == 17: pass else: raise os.chown(os.path.join(self.data_path), uid, gid) php.open_basedir('add', self.data_path) # Make sure that the correct PHP settings are enabled php.enable_mod('opcache', 'mysql', 'pdo_mysql', 'zip', 'gd', 'ldap', 'iconv', 'openssl', 'posix') php.enable_mod('apcu', 'apc', config_file="/etc/php/conf.d/apcu.ini") php.change_setting('apc.enable_cli', '1', config_file="/etc/php/conf.d/apcu.ini") # Make sure php-fpm has the correct settings, # otherwise Nextcloud breaks with open("/etc/php/php-fpm.conf", "r") as f: lines = f.readlines() with open("/etc/php/php-fpm.conf", "w") as f: for line in lines: if ";clear_env = " in line: line = "clear_env = no\n" f.write(line) php.change_setting("always_populate_raw_post_data", "-1") mydir = os.getcwd() os.chdir(self.path) s = shell(('php occ maintenance:install ' '--database "mysql" --database-name "{}" ' '--database-user "{}" --database-pass "{}" ' '--admin-pass "{}" --data-dir "{}"').format( self.db.id, self.db.id, dbpasswd, dbpasswd, self.data_path)) if s["code"] != 0: logger.critical("Nextcloud", s["stderr"]) raise Exception("Nextcloud database population failed") s = shell("php occ app:enable user_ldap") if s["code"] != 0: logger.critical("Nextcloud", s["stderr"]) raise Exception("Nextcloud LDAP configuration failed") os.chdir(mydir) os.chown(os.path.join(self.path, "config/config.php"), uid, gid) ldap_sql = ("REPLACE INTO oc_appconfig " "(appid, configkey, configvalue) VALUES" "('core', 'backgroundjobs_mode', 'cron')," "('user_ldap', 'ldap_uuid_attribute', 'auto')," "('user_ldap', 'ldap_host', 'localhost')," "('user_ldap', 'ldap_port', '389')," "('user_ldap', 'ldap_base', 'dc=arkos-servers,dc=org')," "('user_ldap', 'ldap_base_users', " "'dc=arkos-servers,dc=org')," "('user_ldap', 'ldap_base_groups', " "'dc=arkos-servers,dc=org')," "('user_ldap', 'ldap_tls', '0')," "('user_ldap', 'ldap_display_name', 'cn')," "('user_ldap', 'ldap_userlist_filter', " "'objectClass=mailAccount')," "('user_ldap', 'ldap_group_filter', " "'objectClass=posixGroup')," "('user_ldap', 'ldap_group_display_name', 'cn')," "('user_ldap', 'ldap_group_member_assoc_attribute', " "'uniqueMember')," "('user_ldap', 'ldap_login_filter', " "'(&(|(objectclass=posixAccount))(|(uid=%uid)))')," "('user_ldap', 'ldap_quota_attr', 'mailQuota')," "('user_ldap', 'ldap_quota_def', '')," "('user_ldap', 'ldap_email_attr', 'mail')," "('user_ldap', 'ldap_cache_ttl', '600')," "('user_ldap', 'ldap_configuration_active', '1')," "('user_ldap', 'home_folder_naming_rule', '')," "('user_ldap', 'ldap_backup_host', '')," "('user_ldap', 'ldap_dn', '')," "('user_ldap', 'ldap_agent_password', '')," "('user_ldap', 'ldap_backup_port', '')," "('user_ldap', 'ldap_nocase', '')," "('user_ldap', 'ldap_turn_off_cert_check', '')," "('user_ldap', 'ldap_override_main_server', '')," "('user_ldap', 'ldap_attributes_for_user_search', '')," "('user_ldap', 'ldap_attributes_for_group_search', '')," "('user_ldap', 'ldap_expert_username_attr', 'uid')," "('user_ldap', 'ldap_expert_uuid_attr', '');") self.db.execute(ldap_sql, commit=True) self.db.execute("DELETE FROM oc_group_user;", commit=True) self.db.execute( "INSERT INTO oc_group_user VALUES ('admin','{0}');".format( extra_vars.get("nc-admin", "admin")), commit=True) if not os.path.exists("/etc/cron.d"): os.mkdir("/etc/cron.d") with open("/etc/cron.d/nc-{0}".format(self.id), "w") as f: f.write("*/15 * * * * http php -f {0} > /dev/null 2>&1".format( os.path.join(self.path, "cron.php"))) with open(os.path.join(self.path, "config", "config.php"), "r") as f: data = f.read() while re.search("\n(\s*('|\")memcache.local.*?\n)", data, re.DOTALL): data = data.replace( re.search("\n(\s*('|\")memcache.local.*?\n)", data, re.DOTALL).group(1), "") data = data.split("\n") with open(os.path.join(self.path, "config", "config.php"), "w") as f: for x in data: if not x.endswith("\n"): x += "\n" if x.startswith(");"): f.write(" 'memcache.local' => '\OC\Memcache\APCu',\n") f.write(x) rootcerts = os.path.join(self.data_path, 'data/files_external/rootcerts.crt') if os.path.exists(rootcerts): os.chown(os.path.join(rootcerts), uid, gid) self.site_edited()