def post_install(self, vars, dbpasswd=""):
# Create Lychee automatic configuration file
with open(os.path.join(self.path, 'data', 'config.php'), 'w') as f:
f.write(
'<?php\n'
' if(!defined(\'LYCHEE\')) exit(\'Error: Direct access is allowed!\');\n'
' $dbHost = \'localhost\';\n'
' $dbUser = \'' + self.db.id + '\';\n'
' $dbPassword = \'' + dbpasswd + '\';\n'
' $dbName = \'' + self.db.id + '\';\n'
' $dbTablePrefix = \'\';\n'
'?>\n')
# Make sure that the correct PHP settings are enabled
php.enable_mod('mysql', 'mysqli', 'gd', 'zip', 'exif', 'json',
'mbstring')
# Rename lychee index.html to index.php to make it work with our default nginx config
os.rename(os.path.join(self.path, "index.html"),
os.path.join(self.path, "index.php"))
# Finally, make sure that permissions are set so that Lychee
# can make adjustments and save plugins when need be.
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
for r, d, f in os.walk(self.path):
for x in d:
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""):
# Write a basic index file showing that we are here
if extra_vars.get('php'):
php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini")
index_ext = 'php' if extra_vars.get('php') else 'html'
index_path = os.path.join(self.path, 'index.{0}'.format(index_ext))
addr = self.domain + (":" + str(self.port) if self.port != 80 else "")
with open(index_path, 'w') as f:
f.write(
'<html>\n'
'<body>\n'
'<div style="text-align:center;margin-top:20%;font-family:sans-serif;">\n'
'<img style="width: 300px;" src="https://cdn.citizenweb.io/static/img/arkos-2-01.png" />\n'
'<h1>Custom Website</h1>\n'
'<p>Your site is online at http://{0}, and stored at {0}</p>\n'
'<p>Feel free to paste your site files there!</p>\n'
'</div>\n'
'</body>\n'
'</html>\n'.format(addr, self.path))
# Give access to httpd
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
for r, d, f in os.walk(self.path):
for x in d:
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chown(os.path.join(r, x), uid, gid)
def post_install(self, vars, dbpasswd=""):
# Create Lychee automatic configuration file
with open(os.path.join(self.path, 'data', 'config.php'), 'w') as f:
f.write(
'<?php\n'
' if(!defined(\'LYCHEE\')) exit(\'Error: Direct access is allowed!\');\n'
' $dbHost = \'localhost\';\n'
' $dbUser = \'' + self.db.id + '\';\n'
' $dbPassword = \'' + dbpasswd + '\';\n'
' $dbName = \'' + self.db.id + '\';\n'
' $dbTablePrefix = \'\';\n'
'?>\n'
)
# Make sure that the correct PHP settings are enabled
php.enable_mod('mysql', 'mysqli', 'gd', 'zip', 'exif', 'json', 'mbstring')
# Rename lychee index.html to index.php to make it work with our default nginx config
os.rename(os.path.join(self.path, "index.html"), os.path.join(self.path, "index.php"))
# Finally, make sure that permissions are set so that Lychee
# can make adjustments and save plugins when need be.
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
for r, d, f in os.walk(self.path):
for x in d:
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""):
secret_key = random_string()
dbengine = 'mysql' \
if self.app.selected_dbengine == 'db-mariadb' \
else 'sqlite'
# Write a standard Wallabag config file
config_file = os.path.join(self.path, 'app/config/parameters.yml')
with open(config_file + ".dist", 'r') as f:
ic = f.readlines()
with open(config_file, 'w') as f:
for l in ic:
if "database_driver: " in l:
pdo = "pdo_mysql" if dbengine == "mysql" else "pdo_sqlite"
l = " database_driver: {0}\n".format(pdo)
elif "database_path: " in l and dbengine == 'sqlite':
l = " database_path: {0}\n".format(self.db.path)
elif "database_name: " in l and dbengine == 'mysql':
l = " database_name: {0}\n".format(self.db.id)
elif "database_user: "******" database_user: {0}\n".format(self.db.id)
elif "database_password: "******"{0}"\n'.format(dbpasswd)
elif "secret: " in l:
l = " secret: {0}\n".format(secret_key)
f.write(l)
# Make sure that the correct PHP settings are enabled
php.enable_mod('sqlite3', 'bcmath',
'pdo_mysql' if dbengine == 'mysql' else 'pdo_sqlite',
'zip', 'tidy')
php.open_basedir('add', '/usr/bin/php')
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
# Set up the database then delete the install folder
if dbengine == 'sqlite3':
php.open_basedir('add', '/var/lib/sqlite3')
cwd = os.getcwd()
os.chdir(self.path)
s = shell("php bin/console wallabag:install --env=prod -n")
if s["code"] != 0:
logger.error("Websites", s["stderr"].decode())
raise errors.OperationFailedError(
"Failed to populate database. See logs for more info")
os.chdir(cwd)
if dbengine == 'sqlite3':
os.chown("/var/lib/sqlite3/{0}.db".format(self.db.id), -1, gid)
os.chmod("/var/lib/sqlite3/{0}.db".format(self.db.id), 0o660)
# Finally, make sure that permissions are set so that Wallabag
# can make adjustments and save plugins when need be.
for r, d, f in os.walk(self.path):
for x in d:
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""):
secret_key = random_string()
# Use the WordPress key generators as first option
# If connection fails, use the secret_key as fallback
try:
keysection = requests.get(
'https://api.wordpress.org/secret-key/1.1/salt/').text
except:
keysection = ''
if 'define(\'AUTH_KEY' not in keysection:
keysection = (
'define(\'AUTH_KEY\', \'{0}\');\n'
'define(\'SECURE_AUTH_KEY\', \'{0}\');\n'
'define(\'LOGGED_IN_KEY\', \'{0}\');\n'
'define(\'NONCE_KEY\', \'{0}\');\n'.format(secret_key)
)
# Write a standard WordPress config file
with open(os.path.join(self.path, 'wp-config.php'), 'w') as f:
f.write('<?php\n'
'define(\'DB_NAME\', \'{0}\');\n'
'define(\'DB_USER\', \'{0}\');\n'
'define(\'DB_PASSWORD\', \'{1}\');\n'
'define(\'DB_HOST\', \'localhost\');\n'
'define(\'DB_CHARSET\', \'utf8\');\n'
'define(\'SECRET_KEY\', \'{2}\');\n'
'\n'
'define(\'WP_CACHE\', true);\n'
'define(\'FORCE_SSL_ADMIN\', false);\n'
'\n'
'{3}'
'\n'
'$table_prefix = \'wp_\';\n'
'\n'
'/** Absolute path to the WordPress directory. */\n'
'if ( !defined(\'ABSPATH\') )\n'
' define(\'ABSPATH\', dirname(__FILE__) . \'/\');\n'
'\n'
'/** Sets up WordPress vars and included files. */\n'
'require_once(ABSPATH . \'wp-settings.php\');\n'
.format(self.db.id, dbpasswd, secret_key, keysection)
)
# Make sure that the correct PHP settings are enabled
php.enable_mod('mysqli', 'opcache')
php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini")
# Finally, make sure that permissions are set so that Wordpress
# can make adjustments and save plugins when need be.
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
for r, d, f in os.walk(self.path):
for x in d:
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""):
# Get around top-level zip restriction (FIXME 0.7.2)
if "paperwork-master" in os.listdir(self.path):
tmp_path = os.path.abspath(os.path.join(self.path, "../pwrk-tmp"))
os.rename(os.path.join(self.path, "paperwork-master/frontend"),
tmp_path)
os.rename(os.path.join(self.path, ".arkos"),
os.path.join(tmp_path, ".arkos"))
shutil.rmtree(self.path)
os.rename(tmp_path, self.path)
# Make sure that the correct PHP settings are enabled
php.enable_mod('gd', 'opcache', 'mysql', 'pdo_mysql', 'mcrypt')
php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini")
dbstr = "mysql, localhost, 3389, {0}, {1}, {0}"\
.format(self.id, dbpasswd)
with open(os.path.join(self.path, 'app/storage/db_settings'),
'w') as f:
f.write(dbstr)
php.composer_install(self.path)
nodejs.install("gulp", as_global=True)
nodejs.install_from_package(self.path, stat=None)
cwd = os.getcwd()
os.chdir(self.path)
s = shell("bower install --allow-root", stdin='y\n')
if s["code"] != 0:
raise Exception("Failed to run bower: {0}".format(s["stderr"]))
s = shell("gulp")
if s["code"] != 0:
raise Exception("Failed to run gulp: {0}".format(s["stderr"]))
s = shell("php artisan migrate --force")
if s["code"] != 0:
raise Exception("Failed to run artisan: {0}".format(s["stderr"]))
os.chdir(cwd)
# Make sure the webapps config points to the public directory.
c = nginx.loadf(os.path.join('/etc/nginx/sites-available', self.id))
for x in c.servers:
if x.filter('Key', 'root'):
x.filter('Key', 'root')[0].value = \
os.path.join(self.path, 'public')
nginx.dumpf(c, os.path.join('/etc/nginx/sites-available', self.id))
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
for r, d, f in os.walk(os.path.join(self.path, 'app')):
for x in d:
os.chmod(os.path.join(r, x), 0o755)
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chmod(os.path.join(r, x), 0o644)
os.chown(os.path.join(r, x), uid, gid)
if os.path.exists(os.path.join(self.path, 'app/storage/setup')):
os.unlink(os.path.join(self.path, 'app/storage/setup'))
def post_install(self, vars, dbpasswd=""):
secret_key = random_string()
# Use the WordPress key generators as first option
# If connection fails, use the secret_key as fallback
try:
keysection = urllib.urlopen('https://api.wordpress.org/secret-key/1.1/salt/').read()
except:
keysection = ''
if not 'define(\'AUTH_KEY' in keysection:
keysection = (
'define(\'AUTH_KEY\', \''+secret_key+'\');\n'
'define(\'SECURE_AUTH_KEY\', \''+secret_key+'\');\n'
'define(\'LOGGED_IN_KEY\', \''+secret_key+'\');\n'
'define(\'NONCE_KEY\', \''+secret_key+'\');\n'
)
# Write a standard WordPress config file
with open(os.path.join(self.path, 'wp-config.php'), 'w') as f:
f.write('<?php\n'
'define(\'DB_NAME\', \''+self.db.id+'\');\n'
'define(\'DB_USER\', \''+self.db.id+'\');\n'
'define(\'DB_PASSWORD\', \''+dbpasswd+'\');\n'
'define(\'DB_HOST\', \'localhost\');\n'
'define(\'DB_CHARSET\', \'utf8\');\n'
'define(\'SECRET_KEY\', \''+secret_key+'\');\n'
'\n'
'define(\'WP_CACHE\', true);\n'
'define(\'FORCE_SSL_ADMIN\', false);\n'
'\n'
+keysection+
'\n'
'$table_prefix = \'wp_\';\n'
'\n'
'/** Absolute path to the WordPress directory. */\n'
'if ( !defined(\'ABSPATH\') )\n'
' define(\'ABSPATH\', dirname(__FILE__) . \'/\');\n'
'\n'
'/** Sets up WordPress vars and included files. */\n'
'require_once(ABSPATH . \'wp-settings.php\');\n'
)
# Make sure that the correct PHP settings are enabled
php.enable_mod('mysqli', 'opcache')
php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini")
# Finally, make sure that permissions are set so that Wordpress
# can make adjustments and save plugins when need be.
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
for r, d, f in os.walk(self.path):
for x in d:
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""):
# Add execution flag to binaries
st = os.stat(os.path.join(self.path, "bin/gpm"))
os.chmod(os.path.join(self.path, "bin/gpm"), st.st_mode | 0o111)
st = os.stat(os.path.join(self.path, "bin/grav"))
os.chmod(os.path.join(self.path, "bin/grav"), st.st_mode | 0o111)
st = os.stat(os.path.join(self.path, "bin/plugin"))
os.chmod(os.path.join(self.path, "bin/plugin"), st.st_mode | 0o111)
# Make sure that the correct PHP settings are enabled
php.enable_mod('curl', 'gd', 'opcache', 'zip')
php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini")
def post_install(self, vars, dbpasswd=""):
# Get around top-level zip restriction (FIXME 0.7.2)
if "paperwork-master" in os.listdir(self.path):
tmp_path = os.path.abspath(os.path.join(self.path, "../pwrk-tmp"))
os.rename(os.path.join(self.path, "paperwork-master/frontend"), tmp_path)
os.rename(os.path.join(self.path, ".arkos"),
os.path.join(tmp_path, ".arkos"))
shutil.rmtree(self.path)
os.rename(tmp_path, self.path)
# Make sure that the correct PHP settings are enabled
php.enable_mod('gd', 'opcache', 'mysql', 'pdo_mysql', 'mcrypt')
php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini")
dbstr = "mysql, localhost, 3389, {0}, {1}, {0}".format(self.id, dbpasswd)
with open(os.path.join(self.path, 'app/storage/db_settings'), 'w') as f:
f.write(dbstr)
php.composer_install(self.path)
nodejs.install("gulp", as_global=True)
nodejs.install_from_package(self.path, stat=None)
cwd = os.getcwd()
os.chdir(self.path)
s = shell("bower install --allow-root", stdin='y\n')
if s["code"] != 0:
raise Exception("Failed to run bower: %s" % s["stderr"])
s = shell("gulp")
if s["code"] != 0:
raise Exception("Failed to run gulp: %s" % s["stderr"])
s = shell("php artisan migrate --force")
if s["code"] != 0:
raise Exception("Failed to run artisan: %s" % s["stderr"])
os.chdir(cwd)
# Make sure the webapps config points to the public directory.
c = nginx.loadf(os.path.join('/etc/nginx/sites-available', self.id))
for x in c.servers:
if x.filter('Key', 'root'):
x.filter('Key', 'root')[0].value = os.path.join(self.path, 'public')
nginx.dumpf(c, os.path.join('/etc/nginx/sites-available', self.id))
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
for r, d, f in os.walk(os.path.join(self.path, 'app')):
for x in d:
os.chmod(os.path.join(r, x), 0755)
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chmod(os.path.join(r, x), 0644)
os.chown(os.path.join(r, x), uid, gid)
if os.path.exists(os.path.join(self.path, 'app/storage/setup')):
os.unlink(os.path.join(self.path, 'app/storage/setup'))
def post_install(self, vars, dbpasswd=""):
# Get around top-level zip restriction (FIXME 0.7.2)
if "grav-admin" in os.listdir(self.path):
tmp_path = os.path.abspath(os.path.join(self.path, "../grav-tmp"))
os.rename(os.path.join(self.path, "grav-admin"), tmp_path)
os.rename(os.path.join(self.path, ".arkos"),
os.path.join(tmp_path, ".arkos"))
shutil.rmtree(self.path)
os.rename(tmp_path, self.path)
# Add execution flag to binaries
st = os.stat(os.path.join(self.path, "bin/gpm"))
os.chmod(os.path.join(self.path, "bin/gpm"), st.st_mode | 0111)
st = os.stat(os.path.join(self.path, "bin/grav"))
os.chmod(os.path.join(self.path, "bin/grav"), st.st_mode | 0111)
st = os.stat(os.path.join(self.path, "bin/plugin"))
os.chmod(os.path.join(self.path, "bin/plugin"), st.st_mode | 0111)
# Make sure that the correct PHP settings are enabled
php.enable_mod('curl', 'gd', 'opcache', 'zip')
php.enable_mod('apcu', config_file="/etc/php/conf.d/apcu.ini")
def post_install(self, vars, dbpasswd=""):
# Write a basic index file showing that we are here
if vars.get('php'):
php.enable_mod('xcache')
with open(os.path.join(self.path, 'index.'+('php' if vars.get('php') else 'html')), 'w') as f:
f.write(
'<html>\n'
'<body>\n'
'<h1>Genesis - Custom Site</h1>\n'
'<p>Your site is online and available at '+self.path+'</p>\n'
'<p>Feel free to paste your site files here</p>\n'
'</body>\n'
'</html>\n'
)
# Give access to httpd
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
for r, d, f in os.walk(self.path):
for x in d:
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chown(os.path.join(r, x), uid, gid)
def post_install(self, vars, dbpasswd=""):
secret_key = random_string()
# If there is a custom path for the data directory, add to open_basedir
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
if not self.data_path.startswith(self.path):
os.makedirs(os.path.join(self.path, "data"))
os.chown(os.path.join(self.path, "data"), uid, gid)
php.open_basedir('add', self.data_path)
# Create ownCloud automatic configuration file
with open(os.path.join(self.path, 'config', 'autoconfig.php'),
'w') as f:
f.write('<?php\n'
' $AUTOCONFIG = array(\n'
' "adminlogin" => "admin",\n'
' "adminpass" => "' + dbpasswd + '",\n'
' "dbtype" => "mysql",\n'
' "dbname" => "' + self.db.id + '",\n'
' "dbuser" => "' + self.db.id + '",\n'
' "dbpass" => "' + dbpasswd + '",\n'
' "dbhost" => "localhost",\n'
' "dbtableprefix" => "",\n'
' "directory" => "' + self.data_path + '",\n'
' );\n'
'?>\n')
os.chown(os.path.join(self.path, 'config', 'autoconfig.php'), uid, gid)
# Make sure that the correct PHP settings are enabled
php.enable_mod('mysql', 'pdo_mysql', 'zip', 'gd', 'ldap', 'iconv',
'openssl', 'xcache', 'posix')
# Make sure xcache has the correct settings, otherwise ownCloud breaks
with open('/etc/php/conf.d/xcache.ini', 'w') as f:
f.writelines([
'extension=xcache.so\n', 'xcache.size=64M\n',
'xcache.var_size=64M\n', 'xcache.admin.enable_auth = Off\n',
'xcache.admin.user = "******"\n',
'xcache.admin.pass = "******"\n'
])
php.change_setting("always_populate_raw_post_data", "-1")
mydir = os.getcwd()
os.chdir(self.path)
s = shell("sudo -u http php index.php")
if s["code"] != 0:
raise Exception("ownCloud database population failed")
s = shell("sudo -u http php occ app:enable user_ldap")
if s["code"] != 0:
raise Exception("ownCloud LDAP configuration failed")
os.chdir(mydir)
ldap_sql = (
"REPLACE INTO appconfig (appid, configkey, configvalue) VALUES"
"('user_ldap', 'ldap_uuid_attribute', 'auto'),"
"('user_ldap', 'ldap_host', 'localhost'),"
"('user_ldap', 'ldap_port', '389'),"
"('user_ldap', 'ldap_base', 'dc=arkos-servers,dc=org'),"
"('user_ldap', 'ldap_base_users', 'dc=arkos-servers,dc=org'),"
"('user_ldap', 'ldap_base_groups', 'dc=arkos-servers,dc=org'),"
"('user_ldap', 'ldap_tls', '0'),"
"('user_ldap', 'ldap_display_name', 'cn'),"
"('user_ldap', 'ldap_userlist_filter', 'objectClass=mailAccount'),"
"('user_ldap', 'ldap_group_filter', 'objectClass=posixGroup'),"
"('user_ldap', 'ldap_group_display_name', 'cn'),"
"('user_ldap', 'ldap_group_member_assoc_attribute', 'uniqueMember'),"
"('user_ldap', 'ldap_login_filter', '(&(|(objectclass=posixAccount))(|(uid=%uid)))'),"
"('user_ldap', 'ldap_quota_attr', 'mailQuota'),"
"('user_ldap', 'ldap_quota_def', ''),"
"('user_ldap', 'ldap_email_attr', 'mail'),"
"('user_ldap', 'ldap_cache_ttl', '600'),"
"('user_ldap', 'ldap_configuration_active', '1'),"
"('user_ldap', 'home_folder_naming_rule', ''),"
"('user_ldap', 'ldap_backup_host', ''),"
"('user_ldap', 'ldap_dn', ''),"
"('user_ldap', 'ldap_agent_password', ''),"
"('user_ldap', 'ldap_backup_port', ''),"
"('user_ldap', 'ldap_nocase', ''),"
"('user_ldap', 'ldap_turn_off_cert_check', ''),"
"('user_ldap', 'ldap_override_main_server', ''),"
"('user_ldap', 'ldap_attributes_for_user_search', ''),"
"('user_ldap', 'ldap_attributes_for_group_search', ''),"
"('user_ldap', 'ldap_expert_username_attr', 'uid'),"
"('user_ldap', 'ldap_expert_uuid_attr', '');")
self.db.execute(ldap_sql, commit=True)
# TODO set authed user name
self.db.execute("INSERT INTO group_user VALUES ('admin','testuser');",
commit=True)
def post_install(self, vars, dbpasswd=""):
secret_key = random_string()
# If there is a custom path for the data directory, add to open_basedir
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
if not self.data_path.startswith(self.path):
os.makedirs(os.path.join(self.path, "data"))
os.chown(os.path.join(self.path, "data"), uid, gid)
php.open_basedir('add', self.data_path)
# Create ownCloud automatic configuration file
with open(os.path.join(self.path, 'config', 'autoconfig.php'), 'w') as f:
f.write(
'<?php\n'
' $AUTOCONFIG = array(\n'
' "adminlogin" => "admin",\n'
' "adminpass" => "'+dbpasswd+'",\n'
' "dbtype" => "mysql",\n'
' "dbname" => "'+self.db.id+'",\n'
' "dbuser" => "'+self.db.id+'",\n'
' "dbpass" => "'+dbpasswd+'",\n'
' "dbhost" => "localhost",\n'
' "dbtableprefix" => "",\n'
' "directory" => "'+self.data_path+'",\n'
' );\n'
'?>\n'
)
os.chown(os.path.join(self.path, 'config', 'autoconfig.php'), uid, gid)
# Make sure that the correct PHP settings are enabled
php.enable_mod('mysql', 'pdo_mysql', 'zip', 'gd', 'ldap',
'iconv', 'openssl', 'xcache', 'posix')
# Make sure xcache has the correct settings, otherwise ownCloud breaks
with open('/etc/php/conf.d/xcache.ini', 'w') as f:
f.writelines(['extension=xcache.so\n',
'xcache.size=64M\n',
'xcache.var_size=64M\n',
'xcache.admin.enable_auth = Off\n',
'xcache.admin.user = "******"\n',
'xcache.admin.pass = "******"\n'])
php.change_setting("always_populate_raw_post_data", "-1")
mydir = os.getcwd()
os.chdir(self.path)
s = shell("sudo -u http php index.php")
if s["code"] != 0:
raise Exception("ownCloud database population failed")
s = shell("sudo -u http php occ app:enable user_ldap")
if s["code"] != 0:
raise Exception("ownCloud LDAP configuration failed")
os.chdir(mydir)
ldap_sql = ("REPLACE INTO appconfig (appid, configkey, configvalue) VALUES"
"('user_ldap', 'ldap_uuid_attribute', 'auto'),"
"('user_ldap', 'ldap_host', 'localhost'),"
"('user_ldap', 'ldap_port', '389'),"
"('user_ldap', 'ldap_base', 'dc=arkos-servers,dc=org'),"
"('user_ldap', 'ldap_base_users', 'dc=arkos-servers,dc=org'),"
"('user_ldap', 'ldap_base_groups', 'dc=arkos-servers,dc=org'),"
"('user_ldap', 'ldap_tls', '0'),"
"('user_ldap', 'ldap_display_name', 'cn'),"
"('user_ldap', 'ldap_userlist_filter', 'objectClass=mailAccount'),"
"('user_ldap', 'ldap_group_filter', 'objectClass=posixGroup'),"
"('user_ldap', 'ldap_group_display_name', 'cn'),"
"('user_ldap', 'ldap_group_member_assoc_attribute', 'uniqueMember'),"
"('user_ldap', 'ldap_login_filter', '(&(|(objectclass=posixAccount))(|(uid=%uid)))'),"
"('user_ldap', 'ldap_quota_attr', 'mailQuota'),"
"('user_ldap', 'ldap_quota_def', ''),"
"('user_ldap', 'ldap_email_attr', 'mail'),"
"('user_ldap', 'ldap_cache_ttl', '600'),"
"('user_ldap', 'ldap_configuration_active', '1'),"
"('user_ldap', 'home_folder_naming_rule', ''),"
"('user_ldap', 'ldap_backup_host', ''),"
"('user_ldap', 'ldap_dn', ''),"
"('user_ldap', 'ldap_agent_password', ''),"
"('user_ldap', 'ldap_backup_port', ''),"
"('user_ldap', 'ldap_nocase', ''),"
"('user_ldap', 'ldap_turn_off_cert_check', ''),"
"('user_ldap', 'ldap_override_main_server', ''),"
"('user_ldap', 'ldap_attributes_for_user_search', ''),"
"('user_ldap', 'ldap_attributes_for_group_search', ''),"
"('user_ldap', 'ldap_expert_username_attr', 'uid'),"
"('user_ldap', 'ldap_expert_uuid_attr', '');"
)
self.db.execute(ldap_sql, commit=True)
# TODO set authed user name
self.db.execute("INSERT INTO group_user VALUES ('admin','testuser');", commit=True)
def post_install(self, vars, dbpasswd=""):
secret_key = random_string()
dbengine = 'mysql' if self.meta.selected_dbengine == 'db-mariadb' else 'sqlite'
username = vars.get("wb-username")
passwd = vars.get("wb-passwd") + username + secret_key
passwd = hashlib.sha1(passwd).hexdigest()
# Write a standard Wallabag config file
shutil.copy(
os.path.join(self.path, 'inc/poche/config.inc.default.php'),
os.path.join(self.path, 'inc/poche/config.inc.php'))
with open(os.path.join(self.path, 'inc/poche/config.inc.php'),
'r') as f:
ic = f.readlines()
oc = []
for l in ic:
if 'define (\'SALT\'' in l:
l = '@define (\'SALT\', \'' + secret_key + '\');\n'
oc.append(l)
elif 'define (\'STORAGE\'' in l:
l = '@define (\'STORAGE\', \'' + dbengine + '\');\n'
oc.append(l)
elif 'define (\'STORAGE_SQLITE\'' in l and dbengine == 'sqlite':
l = '@define (\'STORAGE_SQLITE\', \'/var/lib/sqlite3/' + self.db.id + '.db\');\n'
oc.append(l)
elif 'define (\'STORAGE_DB\'' in l and dbengine == 'mysql':
l = '@define (\'STORAGE_DB\', \'' + self.db.id + '\');\n'
oc.append(l)
elif 'define (\'STORAGE_USER\'' in l and dbengine == 'mysql':
l = '@define (\'STORAGE_USER\', \'' + self.db.id + '\');\n'
oc.append(l)
elif 'define (\'STORAGE_PASSWORD\'' in l and dbengine == 'mysql':
l = '@define (\'STORAGE_PASSWORD\', \'' + dbpasswd + '\');\n'
oc.append(l)
else:
oc.append(l)
with open(os.path.join(self.path, 'inc/poche/config.inc.php'),
'w') as f:
f.writelines(oc)
# Make sure that the correct PHP settings are enabled
php.enable_mod('mysql' if dbengine == 'mysql' else 'sqlite3',
'pdo_mysql' if dbengine == 'mysql' else 'pdo_sqlite',
'zip', 'tidy', 'xcache', 'openssl')
# Set up Composer and install the proper modules
php.composer_install(self.path)
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
# Set up the database then delete the install folder
if dbengine == 'mysql':
with open(os.path.join(self.path, 'install/mysql.sql')) as f:
self.db.execute(f.read())
self.db.execute(
"INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');"
% (username, passwd, username),
commit=True)
lid = int(self.db.manager.connection.insert_id())
self.db.execute(
"INSERT INTO users_config (user_id, name, value) VALUES (%s, 'pager', '10');"
% lid,
commit=True)
self.db.execute(
"INSERT INTO users_config (user_id, name, value) VALUES (%s, 'language', 'en_EN.UTF8');"
% lid,
commit=True)
else:
shutil.copy(os.path.join(self.path, 'install/poche.sqlite'),
'/var/lib/sqlite3/%s.db' % self.db.id)
php.open_basedir('add', '/var/lib/sqlite3')
os.chown("/var/lib/sqlite3/%s.db" % self.db.id, -1, gid)
os.chmod("/var/lib/sqlite3/%s.db", 0664)
self.db.execute(
"INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');"
% (username, passwd, username))
self.db.execute(
"INSERT INTO users_config (user_id, name, value) VALUES (1, 'pager', '10');"
)
self.db.execute(
"INSERT INTO users_config (user_id, name, value) VALUES (1, 'language', 'en_EN.UTF8');"
)
shutil.rmtree(os.path.join(self.path, 'install'))
# Finally, make sure that permissions are set so that Wallabag
# can make adjustments and save plugins when need be.
for r, d, f in os.walk(self.path):
for x in d:
if d in ["assets", "cache", "db"]:
os.chmod(os.path.join(r, d), 0755)
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chown(os.path.join(r, x), uid, gid)
def post_install(self, vars, dbpasswd=""):
secret_key = random_string()
dbengine = 'mysql' if self.meta.selected_dbengine == 'db-mariadb' else 'sqlite'
username = vars.get("wb-username")
passwd = vars.get("wb-passwd") + username + secret_key
passwd = hashlib.sha1(passwd).hexdigest()
# Write a standard Wallabag config file
shutil.copy(os.path.join(self.path, 'inc/poche/config.inc.default.php'),
os.path.join(self.path, 'inc/poche/config.inc.php'))
with open(os.path.join(self.path, 'inc/poche/config.inc.php'), 'r') as f:
ic = f.readlines()
oc = []
for l in ic:
if 'define (\'SALT\'' in l:
l = '@define (\'SALT\', \''+secret_key+'\');\n'
oc.append(l)
elif 'define (\'STORAGE\'' in l:
l = '@define (\'STORAGE\', \''+dbengine+'\');\n'
oc.append(l)
elif 'define (\'STORAGE_SQLITE\'' in l and dbengine == 'sqlite':
l = '@define (\'STORAGE_SQLITE\', \'/var/lib/sqlite3/'+self.db.id+'.db\');\n'
oc.append(l)
elif 'define (\'STORAGE_DB\'' in l and dbengine == 'mysql':
l = '@define (\'STORAGE_DB\', \''+self.db.id+'\');\n'
oc.append(l)
elif 'define (\'STORAGE_USER\'' in l and dbengine == 'mysql':
l = '@define (\'STORAGE_USER\', \''+self.db.id+'\');\n'
oc.append(l)
elif 'define (\'STORAGE_PASSWORD\'' in l and dbengine == 'mysql':
l = '@define (\'STORAGE_PASSWORD\', \''+dbpasswd+'\');\n'
oc.append(l)
else:
oc.append(l)
with open(os.path.join(self.path, 'inc/poche/config.inc.php'), 'w') as f:
f.writelines(oc)
# Make sure that the correct PHP settings are enabled
php.enable_mod('mysql' if dbengine == 'mysql' else 'sqlite3',
'pdo_mysql' if dbengine == 'mysql' else 'pdo_sqlite',
'zip', 'tidy', 'xcache', 'openssl')
# Set up Composer and install the proper modules
php.composer_install(self.path)
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
# Set up the database then delete the install folder
if dbengine == 'mysql':
with open(os.path.join(self.path, 'install/mysql.sql')) as f:
self.db.execute(f.read())
self.db.execute(
"INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');" % (username, passwd, username),
commit=True)
lid = int(self.db.manager.connection.insert_id())
self.db.execute(
"INSERT INTO users_config (user_id, name, value) VALUES (%s, 'pager', '10');" % lid,
commit=True)
self.db.execute(
"INSERT INTO users_config (user_id, name, value) VALUES (%s, 'language', 'en_EN.UTF8');" % lid,
commit=True)
else:
shutil.copy(os.path.join(self.path, 'install/poche.sqlite'), '/var/lib/sqlite3/%s.db' % self.db.id)
php.open_basedir('add', '/var/lib/sqlite3')
os.chown("/var/lib/sqlite3/%s.db" % self.db.id, -1, gid)
os.chmod("/var/lib/sqlite3/%s.db", 0664)
self.db.execute(
"INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');" % (username, passwd, username))
self.db.execute(
"INSERT INTO users_config (user_id, name, value) VALUES (1, 'pager', '10');")
self.db.execute(
"INSERT INTO users_config (user_id, name, value) VALUES (1, 'language', 'en_EN.UTF8');")
shutil.rmtree(os.path.join(self.path, 'install'))
# Finally, make sure that permissions are set so that Wallabag
# can make adjustments and save plugins when need be.
for r, d, f in os.walk(self.path):
for x in d:
if d in ["assets", "cache", "db"]:
os.chmod(os.path.join(r, d), 0755)
os.chown(os.path.join(r, x), uid, gid)
for x in f:
os.chown(os.path.join(r, x), uid, gid)
def post_install(self, extra_vars, dbpasswd=""):
php.open_basedir('add', '/dev')
# If there is a custom path for the data directory, add to open_basedir
uid, gid = users.get_system("http").uid, groups.get_system("http").gid
os.makedirs(os.path.join(self.path, "data"))
os.chown(os.path.join(self.path, "data"), uid, gid)
if self.data_path == self.path:
self.data_path = os.path.join(self.path, "data")
else:
try:
os.makedirs(os.path.join(self.data_path))
except OSError as e:
if e[0] == 17:
pass
else:
raise
os.chown(os.path.join(self.data_path), uid, gid)
php.open_basedir('add', self.data_path)
# Make sure that the correct PHP settings are enabled
php.enable_mod('opcache', 'mysql', 'pdo_mysql', 'zip', 'gd', 'ldap',
'iconv', 'openssl', 'posix')
php.enable_mod('apcu', 'apc', config_file="/etc/php/conf.d/apcu.ini")
php.change_setting('apc.enable_cli',
'1',
config_file="/etc/php/conf.d/apcu.ini")
# Make sure php-fpm has the correct settings,
# otherwise Nextcloud breaks
with open("/etc/php/php-fpm.conf", "r") as f:
lines = f.readlines()
with open("/etc/php/php-fpm.conf", "w") as f:
for line in lines:
if ";clear_env = " in line:
line = "clear_env = no\n"
f.write(line)
php.change_setting("always_populate_raw_post_data", "-1")
mydir = os.getcwd()
os.chdir(self.path)
s = shell(('php occ maintenance:install '
'--database "mysql" --database-name "{}" '
'--database-user "{}" --database-pass "{}" '
'--admin-pass "{}" --data-dir "{}"').format(
self.db.id, self.db.id, dbpasswd, dbpasswd,
self.data_path))
if s["code"] != 0:
logger.critical("Nextcloud", s["stderr"])
raise Exception("Nextcloud database population failed")
s = shell("php occ app:enable user_ldap")
if s["code"] != 0:
logger.critical("Nextcloud", s["stderr"])
raise Exception("Nextcloud LDAP configuration failed")
os.chdir(mydir)
os.chown(os.path.join(self.path, "config/config.php"), uid, gid)
ldap_sql = ("REPLACE INTO oc_appconfig "
"(appid, configkey, configvalue) VALUES"
"('core', 'backgroundjobs_mode', 'cron'),"
"('user_ldap', 'ldap_uuid_attribute', 'auto'),"
"('user_ldap', 'ldap_host', 'localhost'),"
"('user_ldap', 'ldap_port', '389'),"
"('user_ldap', 'ldap_base', 'dc=arkos-servers,dc=org'),"
"('user_ldap', 'ldap_base_users', "
"'dc=arkos-servers,dc=org'),"
"('user_ldap', 'ldap_base_groups', "
"'dc=arkos-servers,dc=org'),"
"('user_ldap', 'ldap_tls', '0'),"
"('user_ldap', 'ldap_display_name', 'cn'),"
"('user_ldap', 'ldap_userlist_filter', "
"'objectClass=mailAccount'),"
"('user_ldap', 'ldap_group_filter', "
"'objectClass=posixGroup'),"
"('user_ldap', 'ldap_group_display_name', 'cn'),"
"('user_ldap', 'ldap_group_member_assoc_attribute', "
"'uniqueMember'),"
"('user_ldap', 'ldap_login_filter', "
"'(&(|(objectclass=posixAccount))(|(uid=%uid)))'),"
"('user_ldap', 'ldap_quota_attr', 'mailQuota'),"
"('user_ldap', 'ldap_quota_def', ''),"
"('user_ldap', 'ldap_email_attr', 'mail'),"
"('user_ldap', 'ldap_cache_ttl', '600'),"
"('user_ldap', 'ldap_configuration_active', '1'),"
"('user_ldap', 'home_folder_naming_rule', ''),"
"('user_ldap', 'ldap_backup_host', ''),"
"('user_ldap', 'ldap_dn', ''),"
"('user_ldap', 'ldap_agent_password', ''),"
"('user_ldap', 'ldap_backup_port', ''),"
"('user_ldap', 'ldap_nocase', ''),"
"('user_ldap', 'ldap_turn_off_cert_check', ''),"
"('user_ldap', 'ldap_override_main_server', ''),"
"('user_ldap', 'ldap_attributes_for_user_search', ''),"
"('user_ldap', 'ldap_attributes_for_group_search', ''),"
"('user_ldap', 'ldap_expert_username_attr', 'uid'),"
"('user_ldap', 'ldap_expert_uuid_attr', '');")
self.db.execute(ldap_sql, commit=True)
self.db.execute("DELETE FROM oc_group_user;", commit=True)
self.db.execute(
"INSERT INTO oc_group_user VALUES ('admin','{0}');".format(
extra_vars.get("nc-admin", "admin")),
commit=True)
if not os.path.exists("/etc/cron.d"):
os.mkdir("/etc/cron.d")
with open("/etc/cron.d/nc-{0}".format(self.id), "w") as f:
f.write("*/15 * * * * http php -f {0} > /dev/null 2>&1".format(
os.path.join(self.path, "cron.php")))
with open(os.path.join(self.path, "config", "config.php"), "r") as f:
data = f.read()
while re.search("\n(\s*('|\")memcache.local.*?\n)", data, re.DOTALL):
data = data.replace(
re.search("\n(\s*('|\")memcache.local.*?\n)", data,
re.DOTALL).group(1), "")
data = data.split("\n")
with open(os.path.join(self.path, "config", "config.php"), "w") as f:
for x in data:
if not x.endswith("\n"):
x += "\n"
if x.startswith(");"):
f.write(" 'memcache.local' => '\OC\Memcache\APCu',\n")
f.write(x)
rootcerts = os.path.join(self.data_path,
'data/files_external/rootcerts.crt')
if os.path.exists(rootcerts):
os.chown(os.path.join(rootcerts), uid, gid)
self.site_edited()
