Esempio n. 1
    def post_install(self, extra_vars, dbpasswd=""):
        """Finish a Wallabag install once the source tree is in place.

        Writes ``app/config/parameters.yml`` from its ``.dist`` template,
        enables the PHP modules Wallabag needs, runs the Wallabag console
        installer and hands ownership of the whole site tree to the
        ``http`` system user and group.

        ``dbpasswd`` is written into the generated config file.
        ``extra_vars`` is not read anywhere in this method.

        Raises ``errors.OperationFailedError`` when the console installer
        exits with a non-zero code.
        """
        # Value substituted into the "secret:" entry of parameters.yml.
        secret_key = random_string()
        # Anything other than 'db-mariadb' is treated as SQLite.
        dbengine = 'mysql' \
            if self.app.selected_dbengine == 'db-mariadb' \
            else 'sqlite'

        # Write a standard Wallabag config file
        # NOTE(review): this file receives the database password and the
        # application secret. open(..., 'w') leaves its mode to the process
        # umask, so confirm it does not end up world-readable.
        config_file = os.path.join(self.path, 'app/config/parameters.yml')
        with open(config_file + ".dist", 'r') as f:
            ic = f.readlines()
        with open(config_file, 'w') as f:
            # Lines are matched by substring and replaced whole; every other
            # template line is copied through unchanged.
            for l in ic:
                if "database_driver: " in l:
                    pdo = "pdo_mysql" if dbengine == "mysql" else "pdo_sqlite"
                    l = "    database_driver: {0}\n".format(pdo)
                elif "database_path: " in l and dbengine == 'sqlite':
                    l = "    database_path: {0}\n".format(self.db.path)
                elif "database_name: " in l and dbengine == 'mysql':
                    l = "    database_name: {0}\n".format(self.db.id)
                # NOTE(review): the next two statements reached this listing
                # damaged: a "******" run replaced part of each one, so they
                # are not valid Python as shown. The surviving fragments
                # write self.db.id as database_user and dbpasswd, wrapped in
                # double quotes, as database_password.
                elif "database_user: "******"    database_user: {0}\n".format(self.db.id)
                elif "database_password: "******"{0}"\n'.format(dbpasswd)
                elif "secret: " in l:
                    # Inserted without YAML quoting or escaping; presumably
                    # random_string() only yields YAML-safe characters.
                    # TODO confirm
                    l = "    secret: {0}\n".format(secret_key)
                f.write(l)

        # Make sure that the correct PHP settings are enabled
        php.enable_mod('sqlite3', 'bcmath',
                       'pdo_mysql' if dbengine == 'mysql' else 'pdo_sqlite',
                       'zip', 'tidy')
        # Widens PHP's open_basedir allow-list to include the PHP binary.
        php.open_basedir('add', '/usr/bin/php')

        uid, gid = users.get_system("http").uid, groups.get_system("http").gid

        # Set up the database then delete the install folder
        # NOTE(review): dbengine is only ever 'mysql' or 'sqlite' (see the
        # assignment above), so this 'sqlite3' comparison is never true and
        # the open_basedir call below never runs.
        if dbengine == 'sqlite3':
            php.open_basedir('add', '/var/lib/sqlite3')

        # The console installer is run from inside the site directory. The
        # command line is a fixed string, nothing is interpolated into it.
        cwd = os.getcwd()
        os.chdir(self.path)
        s = shell("php bin/console wallabag:install --env=prod -n")
        if s["code"] != 0:
            logger.error("Websites", s["stderr"].decode())
            # NOTE(review): the working directory is not restored on this
            # path; os.chdir(cwd) only runs after a successful install.
            raise errors.OperationFailedError(
                "Failed to populate database. See logs for more info")
        os.chdir(cwd)

        # NOTE(review): same dead 'sqlite3' comparison as above, so the
        # group and mode of the SQLite file are never adjusted here.
        if dbengine == 'sqlite3':
            os.chown("/var/lib/sqlite3/{0}.db".format(self.db.id), -1, gid)
            os.chmod("/var/lib/sqlite3/{0}.db".format(self.db.id), 0o660)

        # Finally, make sure that permissions are set so that Wallabag
        # can make adjustments and save plugins when need be.
        # This gives the http user ownership of every directory and file
        # below self.path, including the parameters.yml written above.
        for r, d, f in os.walk(self.path):
            for x in d:
                os.chown(os.path.join(r, x), uid, gid)
            for x in f:
                os.chown(os.path.join(r, x), uid, gid)
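 def pre_remove(self):
     """Remove the site's data directory before the site itself is deleted.

     The directory is read from ``config/config.php`` (second quoted value
     on a line containing ``datadirectory``) or, when that file does not
     exist, from ``config/autoconfig.php`` (a line containing
     ``directory``). If neither file yields a value, nothing is removed.

     Raises:
         ValueError: the configured value is not an absolute path, or it
             normalises to the filesystem root.
     """
     datadir = ''
     config_php = os.path.join(self.path, 'config', 'config.php')
     autoconfig_php = os.path.join(self.path, 'config', 'autoconfig.php')
     if os.path.exists(config_php):
         with open(config_php, 'r') as f:
             for line in f:
                 if 'datadirectory' in line:
                     data = line.split("'")[1::2]
                     # A line that only mentions the key (a comment, say)
                     # has no second quoted value; skip it instead of
                     # failing with IndexError.
                     if len(data) > 1:
                         datadir = data[1]
     elif os.path.exists(autoconfig_php):
         with open(autoconfig_php, 'r') as f:
             for line in f:
                 if 'directory' in line:
                     data = line.split('"')[1::2]
                     if len(data) > 1:
                         datadir = data[1]
     if datadir:
         # The path is taken from a PHP config file that is presumably
         # writable by the web application, and rmtree is recursive, so
         # refuse values that cannot be a dedicated data directory.
         if not os.path.isabs(datadir) \
                 or not os.path.normpath(datadir).strip(os.sep):
             raise ValueError(
                 "Refusing to remove data directory %r" % datadir)
         shutil.rmtree(datadir)
         php.open_basedir('del', datadir)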
Esempio n. 3
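 def pre_remove(self):
     """Delete the data directory recorded in the site's PHP config.

     ``config/config.php`` is consulted first (key ``datadirectory``,
     single-quoted value); if it does not exist, ``config/autoconfig.php``
     is used (key ``directory``, double-quoted value). When several lines
     match, the last one wins. Nothing is removed when no value is found.

     Raises:
         ValueError: the value found is a relative path or resolves to the
             filesystem root.
     """
     config_file = os.path.join(self.path, 'config', 'config.php')
     autoconfig_file = os.path.join(self.path, 'config', 'autoconfig.php')
     if os.path.exists(config_file):
         source, key, quote = config_file, 'datadirectory', "'"
     elif os.path.exists(autoconfig_file):
         source, key, quote = autoconfig_file, 'directory', '"'
     else:
         return

     datadir = ''
     with open(source, 'r') as f:
         for line in f:
             if key not in line:
                 continue
             quoted = line.split(quote)[1::2]
             # Matching lines without a second quoted token (comments and
             # the like) used to raise IndexError; ignore them.
             if len(quoted) > 1:
                 datadir = quoted[1]
     if not datadir:
         return

     # rmtree is recursive and the path comes from a file the web
     # application can presumably rewrite, so only an absolute, non-root
     # directory is accepted.
     if not os.path.isabs(datadir) \
             or not os.path.normpath(datadir).strip(os.sep):
         raise ValueError("Refusing to remove data directory %r" % datadir)
     shutil.rmtree(datadir)
     php.open_basedir('del', datadir)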
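    def post_install(self, vars, dbpasswd=""):
        """Prepare the data directory for a freshly installed site.

        Creates ``<site>/data`` owned by the ``http`` system user. When
        ``self.data_path`` equals the site path it is pointed at that
        directory; otherwise the custom data path is created if missing,
        given to ``http`` and added to PHP's open_basedir list.

        ``vars`` and ``dbpasswd`` are not read in the lines shown here.
        """
        # Function-scope import: the file's import block is not visible here.
        import errno

        # Not used in the lines shown; kept in case the rest of the method,
        # which this listing may have cut off, relies on it.
        secret_key = random_string()
        # NOTE(review): this lets PHP open everything under /dev, which is
        # broader than a single device node; presumably meant for the
        # random devices. Confirm the wider scope is intended.
        php.open_basedir('add', '/dev')

        # If there is a custom path for the data directory, add to open_basedir
        uid, gid = users.get_system("http").uid, groups.get_system("http").gid
        os.makedirs(os.path.join(self.path, "data"))
        os.chown(os.path.join(self.path, "data"), uid, gid)
        if self.data_path == self.path:
            self.data_path = os.path.join(self.path, "data")
        else:
            try:
                os.makedirs(self.data_path)
            except OSError as e:
                # An already existing directory is fine; anything else is
                # re-raised. (`except OSError, e` and `e[0] == 17` were
                # Python-2-only spellings of this check.)
                if e.errno != errno.EEXIST:
                    raise
            os.chown(self.data_path, uid, gid)
            php.open_basedir('add', self.data_path)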
Esempio n. 5
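    def post_install(self, vars, dbpasswd=""):
        """Configure a freshly extracted ownCloud site.

        Writes ``config/autoconfig.php``, enables the PHP modules ownCloud
        needs, rewrites the xcache configuration, runs ownCloud once as the
        ``http`` user to populate the database, enables the ``user_ldap``
        app and stores its settings.

        ``dbpasswd`` is used both as the database password and as the
        initial ownCloud ``admin`` password. ``vars`` is not read here.

        Raises ``Exception`` when either ownCloud command exits non-zero.
        """
        def _php_dq(value):
            # Escape a value for a PHP double-quoted string literal so that
            # a quote, backslash or "$" in it cannot terminate the literal
            # or trigger variable interpolation in autoconfig.php.
            return (str(value).replace('\\', '\\\\')
                    .replace('"', '\\"').replace('$', '\\$'))

        # Not used in this method.
        secret_key = random_string()

        # If there is a custom path for the data directory, add to open_basedir
        uid, gid = users.get_system("http").uid, groups.get_system("http").gid
        # NOTE(review): a plain prefix test also matches sibling paths such
        # as "<site>-old", and the directory created below is <site>/data
        # rather than self.data_path. Confirm both are intended.
        if not self.data_path.startswith(self.path):
            os.makedirs(os.path.join(self.path, "data"))
            os.chown(os.path.join(self.path, "data"), uid, gid)
            php.open_basedir('add', self.data_path)

        # Create ownCloud automatic configuration file
        # The file holds the admin and database passwords, so it is created
        # without world access instead of with the process umask.
        autoconfig = os.path.join(self.path, 'config', 'autoconfig.php')
        fd = os.open(autoconfig, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o640)
        with os.fdopen(fd, 'w') as f:
            f.write('<?php\n'
                    '   $AUTOCONFIG = array(\n'
                    '   "adminlogin" => "admin",\n'
                    '   "adminpass" => "' + _php_dq(dbpasswd) + '",\n'
                    '   "dbtype" => "mysql",\n'
                    '   "dbname" => "' + _php_dq(self.db.id) + '",\n'
                    '   "dbuser" => "' + _php_dq(self.db.id) + '",\n'
                    '   "dbpass" => "' + _php_dq(dbpasswd) + '",\n'
                    '   "dbhost" => "localhost",\n'
                    '   "dbtableprefix" => "",\n'
                    '   "directory" => "' + _php_dq(self.data_path) + '",\n'
                    '   );\n'
                    '?>\n')
        os.chown(autoconfig, uid, gid)

        # Make sure that the correct PHP settings are enabled
        php.enable_mod('mysql', 'pdo_mysql', 'zip', 'gd', 'ldap', 'iconv',
                       'openssl', 'xcache', 'posix')

        # Make sure xcache has the correct settings, otherwise ownCloud breaks
        # NOTE(review): this overwrites the system-wide xcache.ini and sets
        # xcache.admin.enable_auth to Off. The user/pass values appear
        # masked ("******") in this listing and are reproduced as shown.
        with open('/etc/php/conf.d/xcache.ini', 'w') as f:
            f.writelines([
                'extension=xcache.so\n', 'xcache.size=64M\n',
                'xcache.var_size=64M\n', 'xcache.admin.enable_auth = Off\n',
                'xcache.admin.user = "******"\n',
                'xcache.admin.pass = "******"\n'
            ])

        php.change_setting("always_populate_raw_post_data", "-1")
        mydir = os.getcwd()
        os.chdir(self.path)
        try:
            s = shell("sudo -u http php index.php")
            if s["code"] != 0:
                raise Exception("ownCloud database population failed")
            s = shell("sudo -u http php occ app:enable user_ldap")
            if s["code"] != 0:
                raise Exception("ownCloud LDAP configuration failed")
        finally:
            # Restore the working directory on failure as well.
            os.chdir(mydir)

        # Static statement, nothing is interpolated. It points user_ldap at
        # localhost:389 with ldap_tls set to '0'.
        ldap_sql = (
            "REPLACE INTO appconfig (appid, configkey, configvalue) VALUES"
            "('user_ldap', 'ldap_uuid_attribute', 'auto'),"
            "('user_ldap', 'ldap_host', 'localhost'),"
            "('user_ldap', 'ldap_port', '389'),"
            "('user_ldap', 'ldap_base', 'dc=arkos-servers,dc=org'),"
            "('user_ldap', 'ldap_base_users', 'dc=arkos-servers,dc=org'),"
            "('user_ldap', 'ldap_base_groups', 'dc=arkos-servers,dc=org'),"
            "('user_ldap', 'ldap_tls', '0'),"
            "('user_ldap', 'ldap_display_name', 'cn'),"
            "('user_ldap', 'ldap_userlist_filter', 'objectClass=mailAccount'),"
            "('user_ldap', 'ldap_group_filter', 'objectClass=posixGroup'),"
            "('user_ldap', 'ldap_group_display_name', 'cn'),"
            "('user_ldap', 'ldap_group_member_assoc_attribute', 'uniqueMember'),"
            "('user_ldap', 'ldap_login_filter', '(&(|(objectclass=posixAccount))(|(uid=%uid)))'),"
            "('user_ldap', 'ldap_quota_attr', 'mailQuota'),"
            "('user_ldap', 'ldap_quota_def', ''),"
            "('user_ldap', 'ldap_email_attr', 'mail'),"
            "('user_ldap', 'ldap_cache_ttl', '600'),"
            "('user_ldap', 'ldap_configuration_active', '1'),"
            "('user_ldap', 'home_folder_naming_rule', ''),"
            "('user_ldap', 'ldap_backup_host', ''),"
            "('user_ldap', 'ldap_dn', ''),"
            "('user_ldap', 'ldap_agent_password', ''),"
            "('user_ldap', 'ldap_backup_port', ''),"
            "('user_ldap', 'ldap_nocase', ''),"
            "('user_ldap', 'ldap_turn_off_cert_check', ''),"
            "('user_ldap', 'ldap_override_main_server', ''),"
            "('user_ldap', 'ldap_attributes_for_user_search', ''),"
            "('user_ldap', 'ldap_attributes_for_group_search', ''),"
            "('user_ldap', 'ldap_expert_username_attr', 'uid'),"
            "('user_ldap', 'ldap_expert_uuid_attr', '');")
        self.db.execute(ldap_sql, commit=True)
        # TODO set authed user name
        # Until then a fixed account name is placed in the admin group.
        self.db.execute("INSERT INTO group_user VALUES ('admin','testuser');",
                        commit=True)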
Esempio n. 6
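    def post_install(self, vars, dbpasswd=""):
        """Run ownCloud's first-time setup for a newly installed site.

        Steps, in order: register a custom data path with PHP, write
        ``config/autoconfig.php``, enable PHP modules, rewrite xcache.ini,
        run ownCloud as ``http`` to build the database, enable and
        configure the ``user_ldap`` app.

        ``dbpasswd`` becomes both the database password and the password of
        the ownCloud ``admin`` account. ``vars`` is not read.

        Raises ``Exception`` if an ownCloud command returns non-zero.
        """
        def php_escape(value):
            # Backslash, double quote and "$" are the characters that can
            # end or reinterpret a PHP double-quoted literal; escape them.
            escaped = str(value)
            for ch in ('\\', '"', '$'):
                escaped = escaped.replace(ch, '\\' + ch)
            return escaped

        # Unused below.
        secret_key = random_string()

        # If there is a custom path for the data directory, add to open_basedir
        uid, gid = users.get_system("http").uid, groups.get_system("http").gid
        # NOTE(review): startswith() treats "<site>2" as being inside
        # "<site>", and the directory created is <site>/data rather than
        # the custom path. Verify against the caller.
        if not self.data_path.startswith(self.path):
            os.makedirs(os.path.join(self.path, "data"))
            os.chown(os.path.join(self.path, "data"), uid, gid)
            php.open_basedir('add', self.data_path)

        # Create ownCloud automatic configuration file
        settings = [
            ("adminlogin", "admin"),
            ("adminpass", dbpasswd),
            ("dbtype", "mysql"),
            ("dbname", self.db.id),
            ("dbuser", self.db.id),
            ("dbpass", dbpasswd),
            ("dbhost", "localhost"),
            ("dbtableprefix", ""),
            ("directory", self.data_path),
        ]
        entries = ''.join(
            '   "%s" => "%s",\n' % (key, php_escape(value))
            for key, value in settings)
        autoconfig = os.path.join(self.path, 'config', 'autoconfig.php')
        # Created without world access: the file carries two passwords.
        fd = os.open(autoconfig, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o640)
        with os.fdopen(fd, 'w') as f:
            f.write('<?php\n   $AUTOCONFIG = array(\n' + entries
                    + '   );\n?>\n')
        os.chown(autoconfig, uid, gid)

        # Make sure that the correct PHP settings are enabled
        php.enable_mod('mysql', 'pdo_mysql', 'zip', 'gd', 'ldap',
                       'iconv', 'openssl', 'xcache', 'posix')

        # Make sure xcache has the correct settings, otherwise ownCloud breaks
        # NOTE(review): replaces the global xcache.ini and switches the
        # xcache admin authentication off. The "******" values are how the
        # listing shows them and are kept unchanged.
        with open('/etc/php/conf.d/xcache.ini', 'w') as f:
            f.writelines(['extension=xcache.so\n',
                          'xcache.size=64M\n',
                          'xcache.var_size=64M\n',
                          'xcache.admin.enable_auth = Off\n',
                          'xcache.admin.user = "******"\n',
                          'xcache.admin.pass = "******"\n'])

        php.change_setting("always_populate_raw_post_data", "-1")
        mydir = os.getcwd()
        os.chdir(self.path)
        try:
            for command, failure in (
                    ("sudo -u http php index.php",
                     "ownCloud database population failed"),
                    ("sudo -u http php occ app:enable user_ldap",
                     "ownCloud LDAP configuration failed")):
                s = shell(command)
                if s["code"] != 0:
                    raise Exception(failure)
        finally:
            # Leave the process where it was even when a command fails.
            os.chdir(mydir)

        # Constant SQL. LDAP is reached on localhost:389 with ldap_tls '0'.
        ldap_sql = ("REPLACE INTO appconfig (appid, configkey, configvalue) VALUES"
            "('user_ldap', 'ldap_uuid_attribute', 'auto'),"
            "('user_ldap', 'ldap_host', 'localhost'),"
            "('user_ldap', 'ldap_port', '389'),"
            "('user_ldap', 'ldap_base', 'dc=arkos-servers,dc=org'),"
            "('user_ldap', 'ldap_base_users', 'dc=arkos-servers,dc=org'),"
            "('user_ldap', 'ldap_base_groups', 'dc=arkos-servers,dc=org'),"
            "('user_ldap', 'ldap_tls', '0'),"
            "('user_ldap', 'ldap_display_name', 'cn'),"
            "('user_ldap', 'ldap_userlist_filter', 'objectClass=mailAccount'),"
            "('user_ldap', 'ldap_group_filter', 'objectClass=posixGroup'),"
            "('user_ldap', 'ldap_group_display_name', 'cn'),"
            "('user_ldap', 'ldap_group_member_assoc_attribute', 'uniqueMember'),"
            "('user_ldap', 'ldap_login_filter', '(&(|(objectclass=posixAccount))(|(uid=%uid)))'),"
            "('user_ldap', 'ldap_quota_attr', 'mailQuota'),"
            "('user_ldap', 'ldap_quota_def', ''),"
            "('user_ldap', 'ldap_email_attr', 'mail'),"
            "('user_ldap', 'ldap_cache_ttl', '600'),"
            "('user_ldap', 'ldap_configuration_active', '1'),"
            "('user_ldap', 'home_folder_naming_rule', ''),"
            "('user_ldap', 'ldap_backup_host', ''),"
            "('user_ldap', 'ldap_dn', ''),"
            "('user_ldap', 'ldap_agent_password', ''),"
            "('user_ldap', 'ldap_backup_port', ''),"
            "('user_ldap', 'ldap_nocase', ''),"
            "('user_ldap', 'ldap_turn_off_cert_check', ''),"
            "('user_ldap', 'ldap_override_main_server', ''),"
            "('user_ldap', 'ldap_attributes_for_user_search', ''),"
            "('user_ldap', 'ldap_attributes_for_group_search', ''),"
            "('user_ldap', 'ldap_expert_username_attr', 'uid'),"
            "('user_ldap', 'ldap_expert_uuid_attr', '');"
        )
        self.db.execute(ldap_sql, commit=True)
        # TODO set authed user name
        # For now a fixed account name is added to the admin group.
        self.db.execute("INSERT INTO group_user VALUES ('admin','testuser');", commit=True)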
Esempio n. 7
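    def post_install(self, vars, dbpasswd=""):
        """Configure a freshly extracted Wallabag (poche) site.

        Writes ``inc/poche/config.inc.php`` from the shipped default,
        enables the PHP modules, runs Composer, creates the first user in
        the MySQL or SQLite database, removes the ``install`` folder and
        gives the tree to the ``http`` system user.

        ``vars`` must provide ``wb-username`` and ``wb-passwd``.

        Raises:
            ValueError: the username contains a single quote or backslash.
        """
        secret_key = random_string()
        dbengine = 'mysql' if self.meta.selected_dbengine == 'db-mariadb' else 'sqlite'

        username = vars.get("wb-username")
        # The username is pasted into SQL text further down. Whether
        # self.db.execute accepts bound parameters is not visible here, so
        # characters that could close the quoted SQL literal are refused.
        if "'" in username or "\\" in username:
            raise ValueError("Username may not contain quotes or backslashes")
        # Salted SHA-1 is the stored format these lines produce; presumably
        # it is what this Wallabag release verifies against. TODO confirm
        salted = vars.get("wb-passwd") + username + secret_key
        if not isinstance(salted, bytes):
            # hashlib needs bytes on Python 3.
            salted = salted.encode("utf-8")
        passwd = hashlib.sha1(salted).hexdigest()

        # Write a standard Wallabag config file
        # NOTE(review): secret_key and dbpasswd are placed inside
        # single-quoted PHP literals without escaping; presumably both are
        # generated values free of quotes. Verify against the caller.
        config_path = os.path.join(self.path, 'inc/poche/config.inc.php')
        shutil.copy(
            os.path.join(self.path, 'inc/poche/config.inc.default.php'),
            config_path)
        with open(config_path, 'r') as f:
            ic = f.readlines()
        oc = []
        for l in ic:
            if 'define (\'SALT\'' in l:
                l = '@define (\'SALT\', \'' + secret_key + '\');\n'
            elif 'define (\'STORAGE\'' in l:
                l = '@define (\'STORAGE\', \'' + dbengine + '\');\n'
            elif 'define (\'STORAGE_SQLITE\'' in l and dbengine == 'sqlite':
                l = '@define (\'STORAGE_SQLITE\', \'/var/lib/sqlite3/' + self.db.id + '.db\');\n'
            elif 'define (\'STORAGE_DB\'' in l and dbengine == 'mysql':
                l = '@define (\'STORAGE_DB\', \'' + self.db.id + '\');\n'
            elif 'define (\'STORAGE_USER\'' in l and dbengine == 'mysql':
                l = '@define (\'STORAGE_USER\', \'' + self.db.id + '\');\n'
            elif 'define (\'STORAGE_PASSWORD\'' in l and dbengine == 'mysql':
                l = '@define (\'STORAGE_PASSWORD\', \'' + dbpasswd + '\');\n'
            oc.append(l)
        with open(config_path, 'w') as f:
            f.writelines(oc)

        # Make sure that the correct PHP settings are enabled
        php.enable_mod('mysql' if dbengine == 'mysql' else 'sqlite3',
                       'pdo_mysql' if dbengine == 'mysql' else 'pdo_sqlite',
                       'zip', 'tidy', 'xcache', 'openssl')

        # Set up Composer and install the proper modules
        php.composer_install(self.path)

        uid, gid = users.get_system("http").uid, groups.get_system("http").gid

        # Set up the database then delete the install folder
        if dbengine == 'mysql':
            with open(os.path.join(self.path, 'install/mysql.sql')) as f:
                self.db.execute(f.read())
            self.db.execute(
                "INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');"
                % (username, passwd, username),
                commit=True)
            lid = int(self.db.manager.connection.insert_id())
            self.db.execute(
                "INSERT INTO users_config (user_id, name, value) VALUES (%s, 'pager', '10');"
                % lid,
                commit=True)
            self.db.execute(
                "INSERT INTO users_config (user_id, name, value) VALUES (%s, 'language', 'en_EN.UTF8');"
                % lid,
                commit=True)
        else:
            sqlite_path = '/var/lib/sqlite3/%s.db' % self.db.id
            shutil.copy(os.path.join(self.path, 'install/poche.sqlite'),
                        sqlite_path)
            php.open_basedir('add', '/var/lib/sqlite3')
            os.chown(sqlite_path, -1, gid)
            # The original chmod was given the unformatted "%s.db" template
            # and so could not reach the real file.
            # NOTE(review): 0o664 leaves the database world-readable;
            # consider whether group access alone is enough.
            os.chmod(sqlite_path, 0o664)
            self.db.execute(
                "INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');"
                % (username, passwd, username))
            self.db.execute(
                "INSERT INTO users_config (user_id, name, value) VALUES (1, 'pager', '10');"
            )
            self.db.execute(
                "INSERT INTO users_config (user_id, name, value) VALUES (1, 'language', 'en_EN.UTF8');"
            )
        shutil.rmtree(os.path.join(self.path, 'install'))

        # Finally, make sure that permissions are set so that Wallabag
        # can make adjustments and save plugins when need be.
        for r, d, f in os.walk(self.path):
            for x in d:
                # Compare the entry name; the original tested the whole
                # list `d`, so the chmod never applied.
                if x in ["assets", "cache", "db"]:
                    os.chmod(os.path.join(r, x), 0o755)
                os.chown(os.path.join(r, x), uid, gid)
            for x in f:
                os.chown(os.path.join(r, x), uid, gid)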
Esempio n. 8
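    def _install(self, extra_vars, enable, nthread):
        """Install this website: database, source tree, nginx block, hooks.

        Args:
            extra_vars: mapping of user-supplied install options (read with
                ``.get``; keys used here are ``php``, ``dbengine``,
                ``datadir`` and ``addtoblock``).
            enable: when true, enable the nginx site afterwards (and reload
                PHP if the site uses it).
            nthread: progress object that receives ``Notification`` updates.

        Returns:
            The message returned by ``post_install`` when it is truthy,
            otherwise ``None``.

        Raises:
            errors.InvalidConfigError: port conflict, unknown archive
                format or missing database manager.
            errors.OperationFailedError: the archive has no top-level
                directory or contains entries that would land outside the
                sites directory.
        """
        def _stays_inside(base, name):
            # True when `name`, joined under `base`, still resolves to a
            # location within `base`.
            root = os.path.realpath(base)
            dest = os.path.realpath(os.path.join(root, name))
            return dest == root or dest.startswith(root + os.sep)

        nthread.title = "Installing website"

        msg = Notification("info", "Webs", "Preparing to install...")
        nthread.update(msg)

        # Make sure the chosen port is indeed open
        if not tracked_services.is_open_port(self.port, self.domain):
            cname = "({0})".format(self.app.id)
            raise errors.InvalidConfigError(cname, nthread)\
                from tracked_services.PortConflictError(self.port, self.domain)

        # Set some metadata values
        specialmsg, dbpasswd = "", ""
        site_dir = config.get("websites", "site_dir")
        path = (self.path or os.path.join(site_dir, self.id))
        self.path = path
        self.php = extra_vars.get("php") or self.php \
            or self.app.uses_php or False
        self.version = self.app.version.rsplit("-", 1)[0] \
            if self.app.website_updates else None

        # Classify the source package type
        if not self.app.download_url:
            ending = ""
        elif self.app.download_url.endswith(".tar.gz"):
            ending = ".tar.gz"
        elif self.app.download_url.endswith(".tgz"):
            ending = ".tgz"
        elif self.app.download_url.endswith(".tar.bz2"):
            ending = ".tar.bz2"
        elif self.app.download_url.endswith(".zip"):
            ending = ".zip"
        elif self.app.download_url.endswith(".git"):
            ending = ".git"
        else:
            raise errors.InvalidConfigError(
                "Invalid source archive format in {0}".format(self.app.id))

        msg = "Running pre-installation..."
        uid, gid = users.get_system("http").uid, groups.get_system("http").gid
        nthread.update(Notification("info", "Webs", msg))

        # Call website type's pre-install hook
        self.pre_install(extra_vars)

        # If needs DB and user didn't select an engine, choose one for them
        if len(self.app.database_engines) > 1 \
                and extra_vars.get("dbengine", None):
            self.app.selected_dbengine = extra_vars.get("dbengine")
        if not getattr(self.app, "selected_dbengine", None)\
                and self.app.database_engines:
            self.app.selected_dbengine = self.app.database_engines[0]

        # Create DB and/or DB user as necessary
        if getattr(self.app, "selected_dbengine", None):
            msg = "Creating database..."
            nthread.update(Notification("info", "Webs", msg))
            mgr = databases.get_managers(self.app.selected_dbengine)
            if not mgr:
                estr = "No manager found for {0}"
                raise errors.InvalidConfigError(
                    estr.format(self.app.selected_dbengine))
            # Make sure DB daemon is running if it has one
            if not mgr.state:
                svc = services.get(mgr.meta.database_service)
                svc.restart()
            self.db = mgr.add_db(self.id)
            if hasattr(self.db, "path"):
                # File-backed database: owner and http group only.
                os.chmod(self.db.path, 0o660)
                os.chown(self.db.path, -1, gid)
            # If multiuser DB type, create user
            if mgr.meta.database_multiuser:
                dbpasswd = random_string(16)
                db_user = mgr.add_user(self.id, dbpasswd)
                db_user.chperm("grant", self.db)

        # Make sure the target directory exists, but is empty
        # NOTE(review): the download lands at a predictable name directly
        # under /tmp. How download() opens that file is not visible here;
        # a private temporary directory would avoid pre-created files.
        pkg_path = os.path.join("/tmp", self.id + ending)
        if os.path.isdir(self.path):
            shutil.rmtree(self.path)
        os.makedirs(self.path)

        # Download and extract the source repo / package
        msg = "Downloading website source..."
        nthread.update(Notification("info", "Webs", msg))
        if self.app.download_url and ending == ".git":
            g = git.Repo.clone_from(self.app.download_url, self.path)
            # NOTE(review): the attribute tested (download_at_tag) is not
            # the one used (download_git_tag); confirm which is intended.
            if hasattr(self.app, "download_at_tag"):
                g = git.Git(self.path)
                g.checkout(self.app.download_git_tag)
        elif self.app.download_url:
            # NOTE(review): no checksum or signature check on the package
            # is visible in this method; presumably download() or the app
            # metadata covers integrity. Verify.
            download(self.app.download_url, file=pkg_path, crit=True)

            # Format extraction command according to type
            msg = "Extracting source..."
            nthread.update(Notification("info", "Webs", msg))
            if ending in [".tar.gz", ".tgz", ".tar.bz2"]:
                # "r:*" detects the compression; the former "r:gz" could
                # not open the .tar.bz2 packages accepted above.
                with tarfile.open(pkg_path, "r:*") as arch:
                    members = arch.getmembers()
                    for member in members:
                        # Links are resolved the way tar does it: symlink
                        # targets relative to the entry's directory, hard
                        # link targets relative to the archive root.
                        if member.issym():
                            target = os.path.join(
                                os.path.dirname(member.name),
                                member.linkname)
                        elif member.islnk():
                            target = member.linkname
                        else:
                            target = None
                        # Entries must not escape the sites directory,
                        # directly or through a link, and device nodes are
                        # never expected in a website package.
                        if member.isdev() \
                                or not _stays_inside(site_dir, member.name) \
                                or (target is not None
                                    and not _stays_inside(site_dir, target)):
                            raise errors.OperationFailedError(
                                "Source archive contains unsafe paths")
                    r = (m.name for m in members
                         if re.match("^[^/]*$", m.name))
                    toplvl = next(r, None)
                    if not toplvl:
                        raise errors.OperationFailedError(
                            "Malformed source archive")
                    # NOTE(review): the top-level name is chosen by the
                    # archive and is extracted straight into site_dir, so
                    # it can collide with another site's directory.
                    arch.extractall(site_dir)
                os.rename(os.path.join(site_dir, toplvl), self.path)
            else:
                with zipfile.ZipFile(pkg_path) as arch:
                    names = arch.namelist()
                    if not all(_stays_inside(site_dir, x) for x in names):
                        raise errors.OperationFailedError(
                            "Source archive contains unsafe paths")
                    r = (x for x in names if re.match("^[^/]*/$", x))
                    toplvl = next(r, None)
                    if not toplvl:
                        raise errors.OperationFailedError(
                            "Malformed source archive")
                    arch.extractall(site_dir)
                os.rename(os.path.join(site_dir, toplvl.rstrip("/")),
                          self.path)
            os.remove(pkg_path)

        # Set proper starting permissions on source directory
        os.chmod(self.path, 0o755)
        os.chown(self.path, uid, gid)
        for r, d, f in os.walk(self.path):
            for x in d:
                os.chmod(os.path.join(r, x), 0o755)
                os.chown(os.path.join(r, x), uid, gid)
            for x in f:
                os.chmod(os.path.join(r, x), 0o644)
                os.chown(os.path.join(r, x), uid, gid)

        # If there is a custom path for the data directory, set it up
        # NOTE(review): "datadir" is caller-supplied and is handed to the
        # http user as given; nothing here restricts which path may be
        # named. Confirm it is validated before it reaches this method.
        if getattr(self.app, "website_datapaths", None) \
                and extra_vars.get("datadir"):
            self.data_path = extra_vars["datadir"]
            if not os.path.exists(self.data_path):
                os.makedirs(self.data_path)
            os.chmod(self.data_path, 0o755)
            os.chown(self.data_path, uid, gid)
        elif hasattr(self, "website_default_data_subdir"):
            self.data_path = os.path.join(self.path,
                                          self.website_default_data_subdir)
        else:
            self.data_path = self.path

        # Create the nginx serverblock
        # NOTE(review): "addtoblock" text from extra_vars is parsed and
        # added to the server block unchanged.
        addtoblock = self.addtoblock or []
        if extra_vars.get("addtoblock"):
            addtoblock += nginx.loads(extra_vars.get("addtoblock"), False)
        default_index = "index." + ("php" if self.php else "html")
        if hasattr(self.app, "website_root"):
            webroot = os.path.join(self.path, self.app.website_root)
        else:
            webroot = self.path
        block = nginx.Conf()
        server = nginx.Server(
            nginx.Key("listen", str(self.port)),
            nginx.Key("listen", "[::]:" + str(self.port)),
            nginx.Key("server_name", self.domain), nginx.Key("root", webroot),
            nginx.Key(
                "index",
                getattr(self.app, "website_index", None) or default_index),
            nginx.Location("/.well-known/acme-challenge/",
                           nginx.Key("root", self.path)))
        if addtoblock:
            server.add(*[x for x in addtoblock])
        block.add(server)
        nginx.dumpf(block, os.path.join("/etc/nginx/sites-available", self.id))
        challenge_dir = os.path.join(self.path, ".well-known/acme-challenge/")
        if not os.path.exists(challenge_dir):
            os.makedirs(challenge_dir)

        # Create arkOS metadata file
        # ConfigParser is the same class as the SafeConfigParser alias,
        # which newer Python 3 releases no longer provide.
        meta = configparser.ConfigParser()
        meta.add_section("website")
        meta.set("website", "id", self.id)
        meta.set("website", "app", self.app.id)
        meta.set("website", "ssl",
                 self.cert.id if getattr(self, "cert", None) else "None")
        meta.set("website", "version", self.version or "None")
        if getattr(self.app, "website_datapaths", None) \
                and self.data_path:
            meta.set("website", "data_path", self.data_path)
        meta.set("website", "dbengine",
                 getattr(self.app, "selected_dbengine", ""))
        with open(os.path.join(self.path, ".arkos"), "w") as f:
            meta.write(f)

        # Call site type's post-installation hook
        msg = "Running post-installation. This may take a few minutes..."
        nthread.update(Notification("info", "Webs", msg))
        specialmsg = self.post_install(extra_vars, dbpasswd)

        # Cleanup and reload daemons
        msg = "Finishing..."
        nthread.update(Notification("info", "Webs", msg))
        self.installed = True
        storage.websites[self.id] = self
        if self.port == 80:
            cleanup_acme_dummy(self.domain)
        signals.emit("websites", "site_installed", self)
        if enable:
            self.nginx_enable()
        if enable and self.php:
            php.open_basedir("add", "/srv/http/")
            php_reload()

        msg = "{0} site installed successfully".format(self.app.name)
        nthread.complete(Notification("success", "Webs", msg))
        if specialmsg:
            return specialmsg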
Esempio n. 9
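    def post_install(self, vars, dbpasswd=""):
        """Finish a Wallabag (poche) install.

        Generates ``inc/poche/config.inc.php``, enables PHP modules, runs
        Composer, seeds the first user into MySQL or SQLite, deletes the
        ``install`` directory and chowns the site tree to ``http``.

        ``vars`` supplies ``wb-username`` and ``wb-passwd``.

        Raises:
            ValueError: the username contains a single quote or backslash.
        """
        secret_key = random_string()
        dbengine = 'mysql' if self.meta.selected_dbengine == 'db-mariadb' else 'sqlite'
        use_mysql = dbengine == 'mysql'

        username = vars.get("wb-username")
        # The username ends up inside quoted SQL text below and no
        # parameter-binding form of self.db.execute is visible from here,
        # so the characters that could close that literal are rejected.
        if any(ch in username for ch in ("'", "\\")):
            raise ValueError("Username may not contain quotes or backslashes")
        # Stored hash format is salted SHA-1 as written here; presumably
        # what this Wallabag release expects. TODO confirm
        material = vars.get("wb-passwd") + username + secret_key
        if not isinstance(material, bytes):
            # Python 3's hashlib only accepts bytes.
            material = material.encode("utf-8")
        passwd = hashlib.sha1(material).hexdigest()

        # Write a standard Wallabag config file
        # (marker found in the default config, replacement line).
        # NOTE(review): values go into single-quoted PHP literals as-is;
        # presumably secret_key and dbpasswd never contain a quote.
        replacements = [
            ("define ('SALT'", "@define ('SALT', '" + secret_key + "');\n"),
            ("define ('STORAGE'", "@define ('STORAGE', '" + dbengine + "');\n"),
        ]
        if use_mysql:
            replacements += [
                ("define ('STORAGE_DB'",
                 "@define ('STORAGE_DB', '" + self.db.id + "');\n"),
                ("define ('STORAGE_USER'",
                 "@define ('STORAGE_USER', '" + self.db.id + "');\n"),
                ("define ('STORAGE_PASSWORD'",
                 "@define ('STORAGE_PASSWORD', '" + dbpasswd + "');\n"),
            ]
        else:
            replacements.append(
                ("define ('STORAGE_SQLITE'",
                 "@define ('STORAGE_SQLITE', '/var/lib/sqlite3/"
                 + self.db.id + ".db');\n"))

        config_path = os.path.join(self.path, 'inc/poche/config.inc.php')
        shutil.copy(os.path.join(self.path, 'inc/poche/config.inc.default.php'),
                    config_path)
        with open(config_path, 'r') as f:
            ic = f.readlines()
        oc = []
        for l in ic:
            for marker, new_line in replacements:
                if marker in l:
                    l = new_line
                    break
            oc.append(l)
        with open(config_path, 'w') as f:
            f.writelines(oc)

        # Make sure that the correct PHP settings are enabled
        php.enable_mod('mysql' if use_mysql else 'sqlite3',
                       'pdo_mysql' if use_mysql else 'pdo_sqlite',
                       'zip', 'tidy', 'xcache', 'openssl')

        # Set up Composer and install the proper modules
        php.composer_install(self.path)

        uid, gid = users.get_system("http").uid, groups.get_system("http").gid

        # Set up the database then delete the install folder
        insert_user = (
            "INSERT INTO users (username, password, name, email) VALUES ('%s', '%s', '%s', '');"
            % (username, passwd, username))
        if use_mysql:
            with open(os.path.join(self.path, 'install/mysql.sql')) as f:
                self.db.execute(f.read())
            self.db.execute(insert_user, commit=True)
            lid = int(self.db.manager.connection.insert_id())
            self.db.execute(
                "INSERT INTO users_config (user_id, name, value) VALUES (%s, 'pager', '10');" % lid,
                commit=True)
            self.db.execute(
                "INSERT INTO users_config (user_id, name, value) VALUES (%s, 'language', 'en_EN.UTF8');" % lid,
                commit=True)
        else:
            sqlite_path = '/var/lib/sqlite3/%s.db' % self.db.id
            shutil.copy(os.path.join(self.path, 'install/poche.sqlite'), sqlite_path)
            php.open_basedir('add', '/var/lib/sqlite3')
            os.chown(sqlite_path, -1, gid)
            # Previously chmod was called on the literal "%s.db" template,
            # which is not the database file.
            # NOTE(review): mode 0o664 keeps the file world-readable.
            os.chmod(sqlite_path, 0o664)
            self.db.execute(insert_user)
            self.db.execute(
                "INSERT INTO users_config (user_id, name, value) VALUES (1, 'pager', '10');")
            self.db.execute(
                "INSERT INTO users_config (user_id, name, value) VALUES (1, 'language', 'en_EN.UTF8');")
        shutil.rmtree(os.path.join(self.path, 'install'))

        # Finally, make sure that permissions are set so that Wallabag
        # can make adjustments and save plugins when need be.
        for r, d, f in os.walk(self.path):
            for x in d:
                # Test the directory name itself (the list `d` was tested
                # before, which never matched).
                if x in ("assets", "cache", "db"):
                    os.chmod(os.path.join(r, x), 0o755)
                os.chown(os.path.join(r, x), uid, gid)
            for x in f:
                os.chown(os.path.join(r, x), uid, gid)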
Esempio n. 10
                self.db.remove()
                db_user = databases.get_user(self.id)
                if db_user:
                    db_user.remove()
            os.unlink(os.path.join("/etc/nginx/sites-available", self.id))
            raise Exception("Error during website config - "+str(e))

        # Cleanup and reload daemons
        message.update("info", "Finishing...", head="Installing website")
        self.installed = True
        storage.sites.add("sites", self)
        signals.emit("websites", "site_installed", self)
        if enable:
            self.nginx_enable()
        if enable and self.php:
            php.open_basedir("add", "/srv/http/")
            php_reload()
        if specialmsg:
            return specialmsg

    def ssl_enable(self):
        """Read the configured TLS cipher list and load this site's nginx file.

        Only the beginning of the method is shown here; the nginx changes
        that follow the load are outside this excerpt.
        """
        # Get server-preferred ciphers
        if config.get("certificates", "ciphers"):
            ciphers = config.get("certificates", "ciphers")
        else:
            # NOTE(review): `ciphers` is not assigned anywhere on this path in
            # the visible code, so this branch would raise NameError as shown.
            # Presumably a default cipher string was defined here and is
            # missing from the excerpt; confirm against the full file.
            config.set("certificates", "ciphers", ciphers)
            config.save()

        # Site definitions are looked up by site id under sites-available.
        block = nginx.loadf(os.path.join("/etc/nginx/sites-available/", self.id))

        # If the site is on port 80, setup an HTTP redirect to new port 443
Esempio n. 11
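    def post_install(self, extra_vars, dbpasswd=""):
        """Finish a Nextcloud installation after the files are in place.

        Steps, in order: prepare the data directory and PHP settings, set
        ``clear_env = no`` in php-fpm.conf, run ``occ maintenance:install``
        and enable ``user_ldap``, write the LDAP settings into
        ``oc_appconfig``, reset ``oc_group_user`` to a single admin entry,
        install a cron job, and point ``memcache.local`` at APCu in
        config.php.

        Args:
            extra_vars: mapping of installer options; only ``nc-admin`` (the
                user placed in the ``admin`` group, default ``"admin"``) is
                read here.
            dbpasswd: database password. It is also handed to ``occ`` as the
                initial Nextcloud admin password.

        Raises:
            ValueError: ``nc-admin`` is not a string of allowlisted
                characters (checked before anything is modified).
            Exception: an ``occ`` command exited with a non-zero code.
        """
        import errno
        import shlex

        # The admin name is interpolated into an SQL statement below, and the
        # signature of self.db.execute is not visible from here, so bound
        # parameters cannot be relied on. Restrict the value to a conservative
        # character set up front, before any system state is touched.
        # NOTE(review): if self.db.execute supports parameter binding, prefer
        # that and relax this check.
        admin_name = extra_vars.get("nc-admin", "admin")
        if not isinstance(admin_name, str) or \
                not re.fullmatch(r"[A-Za-z0-9_.@-]+", admin_name):
            raise ValueError(
                "nc-admin may only contain letters, digits and '_.@-'")

        # NOTE(review): this exposes all of /dev to PHP; presumably only the
        # random devices are needed. Confirm and narrow if so.
        php.open_basedir('add', '/dev')

        # If there is a custom path for the data directory, add to open_basedir
        uid, gid = users.get_system("http").uid, groups.get_system("http").gid
        os.makedirs(os.path.join(self.path, "data"))
        os.chown(os.path.join(self.path, "data"), uid, gid)
        if self.data_path == self.path:
            self.data_path = os.path.join(self.path, "data")
        else:
            try:
                os.makedirs(self.data_path)
            except OSError as e:
                # OSError is not subscriptable on Python 3; compare errno so
                # that an already existing directory is the only case ignored.
                if e.errno != errno.EEXIST:
                    raise
            os.chown(self.data_path, uid, gid)
            php.open_basedir('add', self.data_path)

        # Make sure that the correct PHP settings are enabled
        php.enable_mod('opcache', 'mysql', 'pdo_mysql', 'zip', 'gd', 'ldap',
                       'iconv', 'openssl', 'posix')
        php.enable_mod('apcu', 'apc', config_file="/etc/php/conf.d/apcu.ini")
        php.change_setting('apc.enable_cli',
                           '1',
                           config_file="/etc/php/conf.d/apcu.ini")

        # Make sure php-fpm has the correct settings,
        # otherwise Nextcloud breaks
        with open("/etc/php/php-fpm.conf", "r") as f:
            lines = f.readlines()
        with open("/etc/php/php-fpm.conf", "w") as f:
            for line in lines:
                if ";clear_env = " in line:
                    line = "clear_env = no\n"
                f.write(line)

        php.change_setting("always_populate_raw_post_data", "-1")

        # Every interpolated value is quoted so that a password or path that
        # contains quotes, spaces or shell metacharacters stays one argument,
        # however the project's shell() helper tokenizes the string.
        # NOTE(review): both passwords travel on the occ command line, where
        # they are readable in the process list while the command runs, and
        # the admin account starts out with the database password. Consider
        # rotating the admin password after installation.
        install_args = [shlex.quote(str(value)) for value in (
            self.db.id, self.db.id, dbpasswd, dbpasswd, self.data_path)]
        install_cmd = ('php occ maintenance:install '
                       '--database "mysql" --database-name {} '
                       '--database-user {} --database-pass {} '
                       '--admin-pass {} --data-dir {}').format(*install_args)

        mydir = os.getcwd()
        os.chdir(self.path)
        try:
            s = shell(install_cmd)
            if s["code"] != 0:
                logger.critical("Nextcloud", s["stderr"])
                raise Exception("Nextcloud database population failed")
            s = shell("php occ app:enable user_ldap")
            if s["code"] != 0:
                logger.critical("Nextcloud", s["stderr"])
                raise Exception("Nextcloud LDAP configuration failed")
        finally:
            # Restore the working directory even when occ fails, so the
            # calling process is not left inside the site directory.
            os.chdir(mydir)
        config_php = os.path.join(self.path, "config", "config.php")
        os.chown(config_php, uid, gid)

        # Static statement: no caller-supplied value is interpolated here.
        ldap_sql = ("REPLACE INTO oc_appconfig "
                    "(appid, configkey, configvalue) VALUES"
                    "('core', 'backgroundjobs_mode', 'cron'),"
                    "('user_ldap', 'ldap_uuid_attribute', 'auto'),"
                    "('user_ldap', 'ldap_host', 'localhost'),"
                    "('user_ldap', 'ldap_port', '389'),"
                    "('user_ldap', 'ldap_base', 'dc=arkos-servers,dc=org'),"
                    "('user_ldap', 'ldap_base_users', "
                    "'dc=arkos-servers,dc=org'),"
                    "('user_ldap', 'ldap_base_groups', "
                    "'dc=arkos-servers,dc=org'),"
                    "('user_ldap', 'ldap_tls', '0'),"
                    "('user_ldap', 'ldap_display_name', 'cn'),"
                    "('user_ldap', 'ldap_userlist_filter', "
                    "'objectClass=mailAccount'),"
                    "('user_ldap', 'ldap_group_filter', "
                    "'objectClass=posixGroup'),"
                    "('user_ldap', 'ldap_group_display_name', 'cn'),"
                    "('user_ldap', 'ldap_group_member_assoc_attribute', "
                    "'uniqueMember'),"
                    "('user_ldap', 'ldap_login_filter', "
                    "'(&(|(objectclass=posixAccount))(|(uid=%uid)))'),"
                    "('user_ldap', 'ldap_quota_attr', 'mailQuota'),"
                    "('user_ldap', 'ldap_quota_def', ''),"
                    "('user_ldap', 'ldap_email_attr', 'mail'),"
                    "('user_ldap', 'ldap_cache_ttl', '600'),"
                    "('user_ldap', 'ldap_configuration_active', '1'),"
                    "('user_ldap', 'home_folder_naming_rule', ''),"
                    "('user_ldap', 'ldap_backup_host', ''),"
                    "('user_ldap', 'ldap_dn', ''),"
                    "('user_ldap', 'ldap_agent_password', ''),"
                    "('user_ldap', 'ldap_backup_port', ''),"
                    "('user_ldap', 'ldap_nocase', ''),"
                    "('user_ldap', 'ldap_turn_off_cert_check', ''),"
                    "('user_ldap', 'ldap_override_main_server', ''),"
                    "('user_ldap', 'ldap_attributes_for_user_search', ''),"
                    "('user_ldap', 'ldap_attributes_for_group_search', ''),"
                    "('user_ldap', 'ldap_expert_username_attr', 'uid'),"
                    "('user_ldap', 'ldap_expert_uuid_attr', '');")
        self.db.execute(ldap_sql, commit=True)
        self.db.execute("DELETE FROM oc_group_user;", commit=True)
        # admin_name was restricted to the allowlist at the top of the
        # method, so it cannot close the quoted literal.
        self.db.execute(
            "INSERT INTO oc_group_user VALUES ('admin','{0}');".format(
                admin_name),
            commit=True)

        if not os.path.exists("/etc/cron.d"):
            os.mkdir("/etc/cron.d")
        with open("/etc/cron.d/nc-{0}".format(self.id), "w") as f:
            # The entry is newline-terminated: common cron implementations
            # do not accept a final crontab line that lacks one.
            f.write("*/15 * * * * http php -f {0} > /dev/null 2>&1\n".format(
                os.path.join(self.path, "cron.php")))

        with open(config_php, "r") as f:
            data = f.read()
        # Drop every existing memcache.local entry so that the one written
        # below is the only one left in the file.
        memcache_line = re.compile(r"\n(\s*('|\")memcache.local.*?\n)",
                                   re.DOTALL)
        found = memcache_line.search(data)
        while found:
            data = data.replace(found.group(1), "")
            found = memcache_line.search(data)
        data = data.split("\n")
        with open(config_php, "w") as f:
            for x in data:
                if not x.endswith("\n"):
                    x += "\n"
                # ");" closes the PHP config array; the new entry goes just
                # before it.
                if x.startswith(");"):
                    f.write("  'memcache.local' => '\\OC\\Memcache\\APCu',\n")
                f.write(x)

        rootcerts = os.path.join(self.data_path,
                                 'data/files_external/rootcerts.crt')
        if os.path.exists(rootcerts):
            os.chown(rootcerts, uid, gid)

        self.site_edited()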