From f843393fc6720b433e9d63f4fd86c9f4d0549ad0 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:15:02 -0700 Subject: [PATCH 01/21] WIP installer v2 --- installer/http-get.sh | 48 ++++++++ installer/install-for-launchd.sh | 17 +++ installer/install-for-systemd.sh | 23 ++++ installer/install-system-service.sh | 37 ++++++ installer/install.sh | 178 ++++++++++++++++++++++++++++ installer/my-root.sh | 8 ++ installer/my-user-my-group.sh | 19 +++ installer/sudo-cmd.sh | 7 ++ 8 files changed, 337 insertions(+) create mode 100644 installer/http-get.sh create mode 100644 installer/install-for-launchd.sh create mode 100644 installer/install-for-systemd.sh create mode 100644 installer/install-system-service.sh create mode 100644 installer/install.sh create mode 100644 installer/my-root.sh create mode 100644 installer/my-user-my-group.sh create mode 100644 installer/sudo-cmd.sh diff --git a/installer/http-get.sh b/installer/http-get.sh new file mode 100644 index 0000000..6e05247 --- /dev/null +++ b/installer/http-get.sh @@ -0,0 +1,48 @@ +############################### +# # +# http_get # +# boilerplate for curl / wget # +# # +############################### + +# See https://git.daplie.com/Daplie/daplie-snippets/blob/master/bash/http-get.sh + +_h_http_get="" +_h_http_opts="" +_h_http_out="" + +detect_http_get() +{ + set +e + if type -p curl >/dev/null 2>&1; then + _h_http_get="curl" + _h_http_opts="-fsSL" + _h_http_out="-o" + elif type -p wget >/dev/null 2>&1; then + _h_http_get="wget" + _h_http_opts="--quiet" + _h_http_out="-O" + else + echo "Aborted, could not find curl or wget" + return 7 + fi + set -e +} + +http_get() +{ + $_h_http_get $_h_http_opts $_h_http_out "$2" "$1" + touch "$2" +} + +http_bash() +{ + _http_url=$1 + #dap_args=$2 + rm -rf dap-tmp-runner.sh + $_h_http_get $_h_http_opts $_h_http_out dap-tmp-runner.sh "$_http_url"; bash dap-tmp-runner.sh; rm dap-tmp-runner.sh +} + +detect_http_get + +## END HTTP_GET ## diff --git a/installer/install-for-launchd.sh b/installer/install-for-launchd.sh new file mode 100644 index 0000000..2079b16 --- /dev/null +++ b/installer/install-for-launchd.sh @@ -0,0 +1,17 @@ +set -u + +my_app_launchd_service="Library/LaunchDaemons/${my_app_pkg_name}.plist" + +echo "" +echo "Installing as launchd service" +echo "" + +# See http://www.launchd.info/ +safe_copy_config "$my_app_dist/$my_app_launchd_service" "$my_root/$my_app_launchd_service" + +$sudo_cmd chown root:wheel "$my_root/$my_app_launchd_service" + +$sudo_cmd launchctl unload -w "$my_root/$my_app_launchd_service" >/dev/null 2>/dev/null +$sudo_cmd launchctl load -w "$my_root/$my_app_launchd_service" + +echo "$my_app_name started with launchd" diff --git a/installer/install-for-systemd.sh b/installer/install-for-systemd.sh new file mode 100644 index 0000000..e2c5028 --- /dev/null +++ b/installer/install-for-systemd.sh @@ -0,0 +1,23 @@ +set -u + +my_app_systemd_service="etc/systemd/system/${my_app_name}.service" +my_app_systemd_tmpfiles="etc/tmpfiles.d/${my_app_name}.conf" + +echo "" +echo "Installing as systemd service" +echo "" + +sed "s/MY_USER/$my_user/g" "$my_app_dist/$my_app_systemd_service" > "$my_app_dist/$my_app_systemd_service.2" +sed "s/MY_GROUP/$my_group/g" "$my_app_dist/$my_app_systemd_service.2" > "$my_app_dist/$my_app_systemd_service" +rm "$my_app_dist/$my_app_systemd_service.2" +safe_copy_config "$my_app_dist/$my_app_systemd_service" "$my_root/$my_app_systemd_service" +safe_copy_config "$my_app_dist/$my_app_systemd_tmpfiles" "$my_root/$my_app_systemd_tmpfiles" + +$sudo_cmd systemctl stop "${my_app_name}.service" >/dev/null 2>/dev/null +$sudo_cmd systemctl daemon-reload +$sudo_cmd systemctl start "${my_app_name}.service" +$sudo_cmd systemctl enable "${my_app_name}.service" + +echo "$my_app_name started with systemctl, check its status like so:" +echo " $sudo_cmd systemctl status $my_app_name" +echo " $sudo_cmd journalctl -xe -u $my_app_name" diff --git a/installer/install-system-service.sh b/installer/install-system-service.sh new file mode 100644 index 0000000..a0af5d0 --- /dev/null +++ b/installer/install-system-service.sh @@ -0,0 +1,37 @@ +safe_copy_config() +{ + src=$1 + dst=$2 + $sudo_cmd mkdir -p $(dirname "$dst") + if [ -f "$dst" ]; then + $sudo_cmd rsync -a "$src" "$dst.latest" + # TODO edit config file with $my_user and $my_group + if [ "$(cat $dst)" == "$(cat $dst.latest)" ]; then + $sudo_cmd rm $dst.latest + else + echo "MANUAL INTERVENTION REQUIRED: check the systemd script update and manually decide what you want to do" + echo "diff $dst $dst.latest" + $sudo_cmd chown -R root:root "$dst.latest" + fi + else + $sudo_cmd rsync -a --ignore-existing "$src" "$dst" + fi + $sudo_cmd chown -R root:root "$dst" + $sudo_cmd chmod 644 "$dst" +} + +installable="" +if [ -d "$my_root/etc/systemd/system" ]; then + source ./installer/install-for-systemd.sh + installable="true" +fi +if [ -d "/Library/LaunchDaemons" ]; then + source ./installer/install-for-launchd.sh + installable="true" +fi +if [ -z "$installable" ]; then + echo "" + echo "Unknown system service init type. You must install as a system service manually." + echo '(please file a bug with the output of "uname -a")' + echo "" +fi diff --git a/installer/install.sh b/installer/install.sh new file mode 100644 index 0000000..bc7e635 --- /dev/null +++ b/installer/install.sh @@ -0,0 +1,178 @@ +#!/bin/bash + +set -e +set -u + +### IMPORTANT ### +### VERSION ### +#my_app_ver="v1.1" +my_app_ver="installer-v2" +my_launchpad_ver="v1.2" +my_azp_oauth3_ver="v1.1.3" +my_iss_oauth3_rest_ver="v1.2.0" +my_iss_oauth3_pages_ver="v1.2.1" +my_www_daplie_ver=v1.0.15 +export NODE_VERSION="v8.9.0" +################# +export NODE_PATH=$my_tmp/opt/$my_app_name/lib/node_modules +export PATH=$PATH:$my_tmp/opt/$my_app_name/bin/ +export NPM_CONFIG_PREFIX=$my_tmp/opt/$my_app_name +my_npm="$NPM_CONFIG_PREFIX/bin/npm" +################# + + + +my_app_name=walnut +my_app_pkg_name=com.daplie.walnut.web +my_tmp=$(mktemp -d) +my_app_dir=$my_tmp +# TODO un-hardcode core at al +#my_app_dist=$my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name/dist +my_app_dist=$my_tmp/opt/$my_app_name/core/dist +git_base="https://git.daplie.com/Daplie/walnut.js.git" +installer_base="https://git.daplie.com/Daplie/walnut.js/raw/$my_app_ver" + + + +# +# Install to tmp location, then move to /opt +# +echo "Installing to $my_tmp (will be moved after install)" +#mkdir -p $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name +mkdir -p $my_tmp/opt/walnut/lib/node_modules/$my_app_name +#git clone $git_base $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name +git clone $git_base $my_tmp/opt/$my_app_name/core +#pushd $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name +pushd $my_tmp/opt/$my_app_name/core + git checkout $my_app_ver + + ln -s ../core/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name + ln -s ../core/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js + mkdir -p "$my_tmp/opt/$my_app_name"/{bin,config,core,etc,lib,node_modules,var} + #ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name + #ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js + mkdir -p "$my_tmp/opt/$my_app_name"/packages/{api,pages,rest,services} + mkdir -p "$my_tmp/opt/$my_app_name"/etc/client-api-grants + # TODO move packages and sites to /srv, grants to /etc + ln -s ../etc/client-api-grants "$my_tmp/opt/$my_app_name"/packages/client-api-grants + mkdir -p "$my_tmp/opt/$my_app_name"/var/sites + ln -s ../var/sites "$my_tmp/opt/$my_app_name"/packages/sites + mkdir -p "$my_tmp/etc/$my_app_name" + chmod 775 "$my_tmp/etc/$my_app_name" + cat "$my_app_dist/etc/$my_app_name/$my_app_name.example.yml" > "$my_tmp/etc/$my_app_name/$my_app_name.example.yml" + chmod 664 "$my_tmp/etc/$my_app_name/$my_app_name.example.yml" + mkdir -p $my_tmp/var/log/$my_app_name + + + + # + # Helpers + # + installer_prefix="." + source ./$installer_prefix/sudo-cmd.sh + source ./$installer_prefix/http-get.sh + + + + # + # Dependencies + # + echo $NODE_VERSION > /tmp/NODEJS_VER + # This will read the NODE_* and PATH variables set previously, as well as /tmp/NODEJS_VER + http_bash "https://git.coolaj86.com/coolaj86/node-installer.sh/raw/v1.1/install.sh" + $my_npm install -g npm@4 + $my_npm install -g bower + touch $my_tmp/opt/$my_app_name/.bowerrc + echo '{ "allow_root": true }' > $my_tmp/opt/$my_app_name/.bowerrc + + #pushd $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name + pushd $my_tmp/opt/$my_app_name/core + mkdir -p ../node_modules + ln -s ../node_modules node_modules + $my_npm install + popd + + pushd $my_tmp/opt/$my_app_name/core/lib/walnut@daplie.com/setup + git pull + git checkout $my_launchpad_ver + + git clone https://git.daplie.com/OAuth3/oauth3.js.git ./assets/oauth3.org + pushd assets/oauth3.org + git checkout $my_azp_oauth3_ver + popd + popd + + pushd $my_tmp/opt/$my_app_name/packages + git clone https://git.daplie.com/OAuth3/issuer_oauth3.org.git rest/issuer@oauth3.org + pushd rest/issuer@oauth3.org/ + git checkout $my_iss_oauth3_rest_ver + $my_npm install + popd + + git clone https://git.daplie.com/OAuth3/org.oauth3.git pages/issuer@oauth3.org + pushd pages/issuer@oauth3.org + git checkout $my_iss_oauth3_pages_ver + bash ./install.sh + + pushd ./assets/oauth3.org + git checkout $my_azp_oauth3_ver + popd + popd + + git clone https://git.daplie.com/Daplie/walnut_rest_www_daplie.com.git rest/www@daplie.com + pushd rest/www@daplie.com + git checkout $my_www_daplie_ver + $my_npm install + popd + popd + + + + # + # System Service + # + source ./$installer_prefix/my-root.sh + echo "Pre-installation to $my_tmp complete, now installing to $my_root/ ..." + set +e + if type -p tree >/dev/null 2>/dev/null; then + #tree -I "node_modules|include|share" $my_tmp + tree -L 6 -I "include|share|npm" $my_tmp + else + ls $my_tmp + fi + set -e + + source ./$installer_prefix/my-user-my-group.sh + echo "User $my_user Group $my_group" + + $sudo_cmd chown -R $my_user:$my_group $my_tmp + rsync -a $my_tmp/ $my_root/ + rsync -a --ignore-existing $my_app_dist/etc/$my_app_name/$my_app_name.yml $my_root/etc/$my_app_name/$my_app_name.yml + source ./$installer_prefix/install-system-service.sh + + # Change to admin perms + $sudo_cmd chown -R $my_user:$my_group $my_root/opt/$my_app_name + $sudo_cmd chown -R $my_user:$my_group $my_root/var/www $my_root/srv/www + + # make sure the files are all read/write for the owner and group, and then set + # the setuid and setgid bits so that any files/directories created inside these + # directories have the same owner and group. + $sudo_cmd chmod -R ug+rwX /opt/$my_app_name + find /opt/$my_app_name -type d -exec $sudo_cmd chmod ug+s {} \; +popd + + +rm -rf $my_tmp + +echo "" +echo "You must have some set of domain set up to properly use goldilocks+walnut:" +echo "" +echo " example.com" +echo " www.example.com" +echo " api.example.com" +echo " assets.example.com" +echo " cloud.example.com" +echo " api.cloud.example.com" +echo "" +echo "Check the WALNUT README.md for more info and how to set up /etc/goldilocks/goldilocks.yml" +echo "" diff --git a/installer/my-root.sh b/installer/my-root.sh new file mode 100644 index 0000000..6fec42f --- /dev/null +++ b/installer/my-root.sh @@ -0,0 +1,8 @@ +# something or other about android and tmux using PREFIX +#: "${PREFIX:=''}" +my_root="" +if [ -z "${PREFIX-}" ]; then + my_root="" +else + my_root="$PREFIX" +fi diff --git a/installer/my-user-my-group.sh b/installer/my-user-my-group.sh new file mode 100644 index 0000000..82282a3 --- /dev/null +++ b/installer/my-user-my-group.sh @@ -0,0 +1,19 @@ +if type -p adduser >/dev/null 2>/dev/null; then + if [ -z "$(cat $my_root/etc/passwd | grep $my_app_name)" ]; then + $sudo_cmd adduser --home $my_root/opt/$my_app_name --gecos '' --disabled-password $my_app_name + fi + my_user=$my_app_name + my_group=$my_app_name +elif [ -n "$(cat /etc/passwd | grep www-data:)" ]; then + # Linux (Ubuntu) + my_user=www-data + my_group=www-data +elif [ -n "$(cat /etc/passwd | grep _www:)" ]; then + # Mac + my_user=_www + my_group=_www +else + # Unsure + my_user=$(whoami) + my_group=$(id -g -n) +fi diff --git a/installer/sudo-cmd.sh b/installer/sudo-cmd.sh new file mode 100644 index 0000000..b6b3ff8 --- /dev/null +++ b/installer/sudo-cmd.sh @@ -0,0 +1,7 @@ +# Not every platform has or needs sudo, gotta save them O(1)s... +sudo_cmd="" +set +e +if type -p sudo >/dev/null 2>/dev/null; then + ((EUID)) && [[ -z "${ANDROID_ROOT-}" ]] && sudo_cmd="sudo" +fi +set -e From 76e882c572eafb4bc5426579f744126f7d2b3f6b Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:17:05 -0700 Subject: [PATCH 02/21] bump ver, add standard files --- CHANGELOG | 4 ++++ LICENSE | 42 ++++++++++++++++++++++++++++++++++++++++-- package.json | 4 ++-- 3 files changed, 46 insertions(+), 4 deletions(-) create mode 100644 CHANGELOG diff --git a/CHANGELOG b/CHANGELOG new file mode 100644 index 0000000..7c30799 --- /dev/null +++ b/CHANGELOG @@ -0,0 +1,4 @@ +v1.2.5 - Beginning of CHANGELOG + * has semi-functional launchpad + * OAuth3 with issuer-rewrite merged in + * capabilities API diff --git a/LICENSE b/LICENSE index c96310a..6297ea2 100644 --- a/LICENSE +++ b/LICENSE @@ -1,3 +1,41 @@ -Copyright 2017 Daplie Inc. +Copyright 2017 Daplie, Inc -All Rights Reserved \ No newline at end of file +This is open source software; you can redistribute it and/or modify it under the +terms of either: + + a) the "MIT License" + b) the "Apache-2.0 License" + +MIT License + + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. + +Apache-2.0 License Summary + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/package.json b/package.json index 8cfb406..5d6a44b 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "walnut", - "version": "0.1.0", + "version": "1.2.5", "description": "zero-config home cloud server", "main": "walnut.js", "scripts": { @@ -34,7 +34,7 @@ "public" ], "author": "AJ ONeal (https://daplie.com)", - "license": "Apache2", + "license": "(MIT or Apache2)", "bugs": { "url": "https://github.com/Daplie/walnut/issues" }, From 058ec8b22feb60a9e09fb2d22aec6a58c439872b Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:20:27 -0700 Subject: [PATCH 03/21] move my_tmp --- installer/install.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/installer/install.sh b/installer/install.sh index bc7e635..ff39f60 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -3,6 +3,8 @@ set -e set -u +my_tmp=$(mktemp -d) + ### IMPORTANT ### ### VERSION ### #my_app_ver="v1.1" @@ -24,7 +26,6 @@ my_npm="$NPM_CONFIG_PREFIX/bin/npm" my_app_name=walnut my_app_pkg_name=com.daplie.walnut.web -my_tmp=$(mktemp -d) my_app_dir=$my_tmp # TODO un-hardcode core at al #my_app_dist=$my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name/dist From fcc3cc73669fa525c45e895c846b4e4320ce48cb Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:21:56 -0700 Subject: [PATCH 04/21] move my_app_name --- installer/install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/installer/install.sh b/installer/install.sh index ff39f60..c8bf477 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -4,6 +4,8 @@ set -e set -u my_tmp=$(mktemp -d) +my_app_name=walnut +my_app_pkg_name=com.daplie.walnut.web ### IMPORTANT ### ### VERSION ### @@ -24,8 +26,6 @@ my_npm="$NPM_CONFIG_PREFIX/bin/npm" -my_app_name=walnut -my_app_pkg_name=com.daplie.walnut.web my_app_dir=$my_tmp # TODO un-hardcode core at al #my_app_dist=$my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name/dist From 3ef094b78ce235861523e5f7d107d7c8b57beb96 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:22:59 -0700 Subject: [PATCH 05/21] create bin dir before linking ;) --- installer/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer/install.sh b/installer/install.sh index c8bf477..3a338ab 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -47,9 +47,9 @@ git clone $git_base $my_tmp/opt/$my_app_name/core pushd $my_tmp/opt/$my_app_name/core git checkout $my_app_ver + mkdir -p "$my_tmp/opt/$my_app_name"/{bin,config,core,etc,lib,node_modules,var} ln -s ../core/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name ln -s ../core/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js - mkdir -p "$my_tmp/opt/$my_app_name"/{bin,config,core,etc,lib,node_modules,var} #ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name #ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js mkdir -p "$my_tmp/opt/$my_app_name"/packages/{api,pages,rest,services} From 936f458d799deb202ee9b920dbe1aecdcd605aa2 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:23:45 -0700 Subject: [PATCH 06/21] create walnut.example.yml --- dist/etc/walnut/walnut.example.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 dist/etc/walnut/walnut.example.yml diff --git a/dist/etc/walnut/walnut.example.yml b/dist/etc/walnut/walnut.example.yml new file mode 100644 index 0000000..e69de29 From efa544966227751a3f3c47c5dd6b665990190bcd Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:26:18 -0700 Subject: [PATCH 07/21] source relative to git dir --- installer/install.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/installer/install.sh b/installer/install.sh index 3a338ab..4568269 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -69,9 +69,8 @@ pushd $my_tmp/opt/$my_app_name/core # # Helpers # - installer_prefix="." - source ./$installer_prefix/sudo-cmd.sh - source ./$installer_prefix/http-get.sh + source ./installer/sudo-cmd.sh + source ./installer/http-get.sh @@ -132,7 +131,7 @@ pushd $my_tmp/opt/$my_app_name/core # # System Service # - source ./$installer_prefix/my-root.sh + source ./installer/my-root.sh echo "Pre-installation to $my_tmp complete, now installing to $my_root/ ..." set +e if type -p tree >/dev/null 2>/dev/null; then @@ -143,13 +142,13 @@ pushd $my_tmp/opt/$my_app_name/core fi set -e - source ./$installer_prefix/my-user-my-group.sh + source ./installer/my-user-my-group.sh echo "User $my_user Group $my_group" $sudo_cmd chown -R $my_user:$my_group $my_tmp rsync -a $my_tmp/ $my_root/ rsync -a --ignore-existing $my_app_dist/etc/$my_app_name/$my_app_name.yml $my_root/etc/$my_app_name/$my_app_name.yml - source ./$installer_prefix/install-system-service.sh + source ./installer/install-system-service.sh # Change to admin perms $sudo_cmd chown -R $my_user:$my_group $my_root/opt/$my_app_name From 952ec8d23bfea3fe1b2336ad758d1b3f7cdf6bb1 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:38:10 -0700 Subject: [PATCH 08/21] ursa is not a dependency --- package.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/package.json b/package.json index 5d6a44b..ab35746 100644 --- a/package.json +++ b/package.json @@ -69,7 +69,6 @@ "serve-static": "1.x", "sqlite3-cluster": "git+https://git.daplie.com/coolaj86/sqlite3-cluster.git#v2", "stripe": "^4.22.0", - "twilio": "1.x", - "ursa": "^0.9.1" + "twilio": "1.x" } } From 2def7194554100c3ad69df09a546a948187482dd Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:43:36 -0700 Subject: [PATCH 09/21] clone launchpad, duh --- installer/install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/installer/install.sh b/installer/install.sh index 4568269..bb44185 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -92,6 +92,7 @@ pushd $my_tmp/opt/$my_app_name/core $my_npm install popd + git clone https://git.daplie.com/Daplie/walnut_launchpad.git $my_tmp/opt/$my_app_name/core/lib/walnut@daplie.com/setup pushd $my_tmp/opt/$my_app_name/core/lib/walnut@daplie.com/setup git pull git checkout $my_launchpad_ver From 6ee3b60f8407164ed981f88e11837b71c285bf63 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 04:59:48 -0700 Subject: [PATCH 10/21] use opt instead of /srv for walnut bins --- dist/etc/systemd/system/walnut.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dist/etc/systemd/system/walnut.service b/dist/etc/systemd/system/walnut.service index 517da9c..8315659 100644 --- a/dist/etc/systemd/system/walnut.service +++ b/dist/etc/systemd/system/walnut.service @@ -27,7 +27,7 @@ Group=www-data # Set a sane working directory, sane flags, and specify how to reload the config file WorkingDirectory=/srv/www -ExecStart=/opt/walnut/bin/node /srv/walnut/core/bin/walnut.js --config=/etc/walnut/walnut.yml +ExecStart=/opt/walnut/bin/node /opt/walnut/core/bin/walnut.js --config=/etc/walnut/walnut.yml ExecReload=/bin/kill -USR1 $MAINPID # Limit the number of file descriptors and processes; see `man systemd.exec` for more limit settings. From aea6853822c2538110c8b222e944658d944e6cf2 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 05:02:14 -0700 Subject: [PATCH 11/21] template for MY_USER and MY_GROUP --- dist/etc/systemd/system/walnut.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dist/etc/systemd/system/walnut.service b/dist/etc/systemd/system/walnut.service index 8315659..2cb0212 100644 --- a/dist/etc/systemd/system/walnut.service +++ b/dist/etc/systemd/system/walnut.service @@ -19,8 +19,8 @@ StartLimitBurst=3 # User and group the process will run as # (www-data is the de facto standard on most systems) -User=www-data -Group=www-data +User=MY_USER +Group=MY_GROUP # If we need to pass environment variables in the future ; Environment=GOLDILOCKS_PATH=/opt/walnut From 51c5976f11b6a08b775c9c14ea8a00008068f4bb Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 05:06:59 -0700 Subject: [PATCH 12/21] use correct paths --- dist/etc/systemd/system/walnut.service | 4 ++-- installer/install.sh | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/dist/etc/systemd/system/walnut.service b/dist/etc/systemd/system/walnut.service index 2cb0212..a3a3d98 100644 --- a/dist/etc/systemd/system/walnut.service +++ b/dist/etc/systemd/system/walnut.service @@ -26,7 +26,7 @@ Group=MY_GROUP ; Environment=GOLDILOCKS_PATH=/opt/walnut # Set a sane working directory, sane flags, and specify how to reload the config file -WorkingDirectory=/srv/www +WorkingDirectory=/opt/walnut ExecStart=/opt/walnut/bin/node /opt/walnut/core/bin/walnut.js --config=/etc/walnut/walnut.yml ExecReload=/bin/kill -USR1 $MAINPID @@ -46,7 +46,7 @@ ProtectSystem=full # … except TLS/SSL, ACME, and Let's Encrypt certificates # and /var/log/, because we want a place where logs can go. # This merely retains r/w access rights, it does not add any new. Must still be writable on the host! -ReadWriteDirectories=/etc/walnut /var/log/walnut /var/walnut /opt/walnut /srv/www +ReadWriteDirectories=/etc/walnut /var/log/walnut /var/walnut /opt/walnut /srv/walnut # Note: in v231 and above ReadWritePaths has been renamed to ReadWriteDirectories ; ReadWritePaths=/etc/walnut /var/log/walnut diff --git a/installer/install.sh b/installer/install.sh index bb44185..30fee9e 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -40,13 +40,15 @@ installer_base="https://git.daplie.com/Daplie/walnut.js/raw/$my_app_ver" # echo "Installing to $my_tmp (will be moved after install)" #mkdir -p $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name -mkdir -p $my_tmp/opt/walnut/lib/node_modules/$my_app_name +mkdir -p $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name #git clone $git_base $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name git clone $git_base $my_tmp/opt/$my_app_name/core #pushd $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name pushd $my_tmp/opt/$my_app_name/core git checkout $my_app_ver + mkdir -p "$my_tmp/{etc,opt,srv,var}/$my_app_name" + mkdir -p "$my_tmp/var/log/$my_app_name" mkdir -p "$my_tmp/opt/$my_app_name"/{bin,config,core,etc,lib,node_modules,var} ln -s ../core/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name ln -s ../core/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js From af7103e17b5cfa465375e5fca66813c38d1b31d0 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 05:10:26 -0700 Subject: [PATCH 13/21] note unistall instructions --- installer/install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/installer/install.sh b/installer/install.sh index 30fee9e..cfbc3ae 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -179,3 +179,4 @@ echo " api.cloud.example.com" echo "" echo "Check the WALNUT README.md for more info and how to set up /etc/goldilocks/goldilocks.yml" echo "" +echo "Unistall: rm -rf /srv/walnut/ /var/walnut/ /etc/walnut/ /opt/walnut/ /var/log/walnut/ /etc/systemd/system/walnut.service" From cfc6850a47826b57e8af43396798c4a86dc2b74a Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 05:12:46 -0700 Subject: [PATCH 14/21] remove old installer --- install-helper.sh | 301 ---------------------------------------------- install.sh | 121 +------------------ 2 files changed, 2 insertions(+), 420 deletions(-) delete mode 100755 install-helper.sh diff --git a/install-helper.sh b/install-helper.sh deleted file mode 100755 index 5e3c20f..0000000 --- a/install-helper.sh +++ /dev/null @@ -1,301 +0,0 @@ -#!/bin/bash - -set -e -set -u - -# something or other about android and tmux using PREFIX -#: "${PREFIX:=''}" -MY_ROOT="" -if [ -z "${PREFIX-}" ]; then - MY_ROOT="" -else - MY_ROOT="$PREFIX" -fi -# Not every platform has or needs sudo, gotta save them O(1)s... -sudo_cmd="" -((EUID)) && [[ -z "${ANDROID_ROOT-}" ]] && sudo_cmd="sudo" - -############################### -# # -# http_get # -# boilerplate for curl / wget # -# # -############################### - -# See https://git.daplie.com/Daplie/daplie-snippets/blob/master/bash/http-get.sh - -http_curl_opts="-fsSL" -http_wget_opts="--quiet" - -http_bin="" -http_opts="" -http_out="" - -detect_http_bin() -{ - if type -p curl >/dev/null 2>&1; then - http_bin="curl" - http_opts="$http_curl_opts" - http_out="-o" - #curl -fsSL "$url" -o "$PREFIX/tmp/$pkg" - elif type -p wget >/dev/null 2>&1; then - http_bin="wget" - http_opts="$http_wget_opts" - http_out="-O" - #wget --quiet "$url" -O "$PREFIX/tmp/$pkg" - else - echo "Aborted, could not find curl or wget" - return 7 - fi -} - -http_get() -{ - if [ -e "$1" ]; then - rsync -a "$1" "$2" - elif type -p curl >/dev/null 2>&1; then - $http_bin $http_curl_opts $http_out "$2" "$1" - elif type -p wget >/dev/null 2>&1; then - $http_bin $http_wget_opts $http_out "$2" "$1" - else - echo "Aborted, could not find curl or wget" - return 7 - fi -} - -dap_dl() -{ - http_get "$1" "$2" -} - -dap_dl_bash() -{ - dap_url=$1 - #dap_args=$2 - rm -rf /tmp/dap-tmp-runner.sh - $http_bin $http_opts $http_out /tmp/dap-tmp-runner.sh "$dap_url"; bash /tmp/dap-tmp-runner.sh; rm /tmp/dap-tmp-runner.sh -} - -detect_http_bin - -## END HTTP_GET ## - - -mvdir_backward_compat() -{ - old_dir=$1 - new_dir=$2 - # The symlink has already been set up, so no need to do anything. - if [ -L $old_dir ] && [ $(readlink $old_dir) == "$new_dir" ]; then - return 0 - fi - - if [ -d $old_dir ]; then - if [ $(ls $old_dir | wc -l) -gt 0 ]; then - mv ${old_dir}/* ${new_dir}/ - fi - rm -r ${old_dir} - #rmdir ${old_dir} - fi - - ln -snf $new_dir $old_dir -} - -################### -# # -# Install service # -# # -################### - -install_for_systemd() -{ - echo "" - echo "Installing as systemd service" - echo "" - mkdir -p $(dirname "$my_app_dir/$my_app_systemd_service") - dap_dl "$installer_base/$my_app_systemd_service" "$my_app_dir/$my_app_systemd_service" - $sudo_cmd mv "$my_app_dir/$my_app_systemd_service" "$MY_ROOT/$my_app_systemd_service" - $sudo_cmd chown -R root:root "$MY_ROOT/$my_app_systemd_service" - $sudo_cmd chmod 644 "$MY_ROOT/$my_app_systemd_service" - - mkdir -p $(dirname "$my_app_dir/$my_app_systemd_tmpfiles") - dap_dl "$installer_base/$my_app_systemd_tmpfiles" "$my_app_dir/$my_app_systemd_tmpfiles" - $sudo_cmd mv "$my_app_dir/$my_app_systemd_tmpfiles" "$MY_ROOT/$my_app_systemd_tmpfiles" - $sudo_cmd chown -R root:root "$MY_ROOT/$my_app_systemd_tmpfiles" - $sudo_cmd chmod 644 "$MY_ROOT/$my_app_systemd_tmpfiles" - - $sudo_cmd systemctl stop "${my_app_name}.service" >/dev/null 2>/dev/null - $sudo_cmd systemctl daemon-reload - $sudo_cmd systemctl start "${my_app_name}.service" - $sudo_cmd systemctl enable "${my_app_name}.service" - - echo "$my_app_name started with systemctl, check its status like so" - echo " $sudo_cmd systemctl status $my_app_name" - echo " $sudo_cmd journalctl -xe -u $my_app_name" -} - -install_for_launchd() -{ - echo "" - echo "Installing as launchd service" - echo "" - # See http://www.launchd.info/ - mkdir -p $(dirname "$my_app_dir/$my_app_launchd_service") - dap_dl "$installer_base/$my_app_launchd_service" "$my_app_dir/$my_app_launchd_service" - $sudo_cmd mv "$my_app_dir/$my_app_launchd_service" "$MY_ROOT/$my_app_launchd_service" - $sudo_cmd chown root:wheel "$MY_ROOT/$my_app_launchd_service" - $sudo_cmd chmod 0644 "$MY_ROOT/$my_app_launchd_service" - $sudo_cmd launchctl unload -w "$MY_ROOT/$my_app_launchd_service" >/dev/null 2>/dev/null - $sudo_cmd launchctl load -w "$MY_ROOT/$my_app_launchd_service" - - echo "$my_app_name started with launchd" -} - -install_etc_config() -{ - #echo "install etc config $MY_ROOT / $my_app_etc_config" - if [ ! -e "$MY_ROOT/$my_app_etc_config" ]; then - $sudo_cmd mkdir -p $(dirname "$MY_ROOT/$my_app_etc_config") - mkdir -p $(dirname "$my_app_dir/$my_app_etc_config") - dap_dl "$installer_base/$my_app_etc_config" "$my_app_dir/$my_app_etc_config" - $sudo_cmd mv "$my_app_dir/$my_app_etc_config" "$MY_ROOT/$my_app_etc_config" - fi - - $sudo_cmd chown -R www-data:www-data $(dirname "$MY_ROOT/$my_app_etc_config") || true - $sudo_cmd chown -R _www:_www $(dirname "$MY_ROOT/$my_app_etc_config") || true - $sudo_cmd chmod 775 $(dirname "$MY_ROOT/$my_app_etc_config") - $sudo_cmd chmod 664 "$MY_ROOT/$my_app_etc_config" -} - -install_service() -{ - install_etc_config - #echo "install service" - - installable="" - if [ -d "$MY_ROOT/etc/systemd/system" ]; then - install_for_systemd - installable="true" - fi - if [ -d "/Library/LaunchDaemons" ]; then - install_for_launchd - installable="true" - fi - if [ -z "$installable" ]; then - echo "" - echo "Unknown system service init type. You must install as a system service manually." - echo '(please file a bug with the output of "uname -a")' - echo "" - fi - echo "" -} - -## END SERVICE_INSTALL ## - -# Create dirs, set perms -create_skeleton() -{ - $sudo_cmd mkdir -p /srv/www - $sudo_cmd mkdir -p /var/log/$my_app_name - $sudo_cmd mkdir -p /etc/$my_app_name - $sudo_cmd mkdir -p /var/$my_app_name - $sudo_cmd mkdir -p /srv/$my_app_name - $sudo_cmd mkdir -p /opt/$my_app_name -} - -# Unistall -install_uninstaller() -{ - #echo "install uninstaller" - dap_dl "https://git.daplie.com/Daplie/walnut.js/raw/master/uninstall.sh" "./walnut-uninstall" - $sudo_cmd chmod 755 "./walnut-uninstall" - $sudo_cmd chown root:root "./walnut-uninstall" - $sudo_cmd mv "./walnut-uninstall" "/usr/local/bin/uninstall-walnut" -} - - -# Dependencies -export NODE_PATH=/opt/walnut/lib/node_modules -export NPM_CONFIG_PREFIX=/opt/walnut -$sudo_cmd mkdir -p $NODE_PATH -$sudo_cmd chown -R $(whoami) /opt/walnut -dap_dl_bash "https://git.daplie.com/coolaj86/node-install-script/raw/master/setup-min.sh" - -# Install -# npm install -g 'git+https://git@git.daplie.com/Daplie/walnut.js.git#v1' - -my_app_name=walnut -my_app_pkg_name=com.daplie.walnut.web -my_app_dir=$(mktemp -d) -#installer_base="https://git.daplie.com/Daplie/walnut.js/raw/master/dist" -#installer_base="$( dirname "${BASH_SOURCE[0]}" )/dist" -installer_base="/srv/walnut/core/dist" - -my_app_etc_config="etc/${my_app_name}/${my_app_name}.yml" -my_app_systemd_service="etc/systemd/system/${my_app_name}.service" -my_app_systemd_tmpfiles="etc/tmpfiles.d/${my_app_name}.conf" -my_app_launchd_service="Library/LaunchDaemons/${my_app_pkg_name}.plist" - -# Install -install_my_app() -{ - # This function shouldn't need to use $sudo_cmd because it is called immediately after - # /srv/walnut is chown-ed and we only mess with things in that directory. - - #git clone git@git.daplie.com:Daplie/walnut.js.git - #git clone https://git.daplie.com/Daplie/walnut.js.git /srv/walnut/core - mkdir -p /srv/walnut/{core,lib,var,etc,config,node_modules} - rm -rf /srv/walnut/core/node_modules - ln -sf ../node_modules /srv/walnut/core/node_modules - mkdir -p /srv/walnut/var/sites - mkdir -p /srv/walnut/etc/org.oauth3.consumer - mkdir -p /srv/walnut/etc/client-api-grants - mkdir -p /srv/walnut/packages/{rest,api,pages,services} - - # backwards compat - mvdir_backward_compat /srv/walnut/packages/client-api-grants /srv/walnut/etc/client-api-grants - mvdir_backward_compat /srv/walnut/packages/sites /srv/walnut/var/sites - - - if [ ! -d "/srv/walnut/core/lib/walnut@daplie.com/setup" ]; then - git clone https://git.daplie.com/Daplie/walnut_launchpad.git /srv/walnut/core/lib/walnut@daplie.com/setup - fi - - pushd /srv/walnut/core/lib/walnut@daplie.com/setup - if [ ! -d "./.git/" ]; then - echo "'/srv/walnut/core/lib/walnut@daplie.com/setup' exists but is not a git repository... not sure what to do here..." - fi - git checkout v1.2 - git pull - popd - - pushd /srv/walnut/core - export NODE_PATH=/opt/walnut/lib/node_modules - export NPM_CONFIG_PREFIX=/opt/walnut - /opt/walnut/bin/npm install - popd -} - -$sudo_cmd mkdir -p /srv/walnut -$sudo_cmd chown -R $(whoami) /srv/walnut - -install_my_app -create_skeleton -install_uninstaller -install_service - -$sudo_cmd chown -R www-data:www-data /opt/walnut || true -$sudo_cmd chown -R _www:_www /opt/walnut || true -$sudo_cmd chown -R www-data:www-data /srv/walnut || true -$sudo_cmd chown -R _www:_www /srv/walnut || true -$sudo_cmd chmod -R ug+rwX /srv/walnut -$sudo_cmd chmod -R ug+rwX /opt/walnut -# +s sets the setuid/setgid bit, which when set on directories makes it so anything -# created inside the directory maintains the same user/group (depending on the bits -# set). Any directory created within a directory with those bits set will also have -# those bits set. When setuid or setgid bits are set on a file however it means that -# if the file is executed it will run with the permissions of the user/group no matter -# who actually runs it (see the ping executable for example). -# I'm not sure that all systems actually support the use of these bits. -find /srv/walnut -type d -exec $sudo_cmd chmod ug+s {} \; || true -find /opt/walnut -type d -exec $sudo_cmd chmod ug+s {} \; || true diff --git a/install.sh b/install.sh index 8505656..fbbb931 100644 --- a/install.sh +++ b/install.sh @@ -1,121 +1,4 @@ #!/bin/bash -# Not every platform has or needs sudo, gotta save them O(1)s... -sudo_cmd="" -((EUID)) && [[ -z "$ANDROID_ROOT" ]] && sudo_cmd="sudo" - -set -e -set -u - -############################### -# # -# boilerplate for curl / wget # -# # -############################### - -http_get="" -http_opts="" -http_out="" - -detect_http_get() -{ - if type -p curl >/dev/null 2>&1; then - http_get="curl" - http_opts="-fsSL" - http_out="-o" - #curl -fsSL "$caddy_url" -o "$PREFIX/tmp/$caddy_pkg" - elif type -p wget >/dev/null 2>&1; then - http_get="wget" - http_opts="--quiet" - http_out="-O" - #wget --quiet "$caddy_url" -O "$PREFIX/tmp/$caddy_pkg" - else - echo "Aborted, could not find curl or wget" - return 7 - fi -} - -dap_dl() -{ - $http_get $http_opts $http_out "$2" "$1" -} - -dap_dl_bash() -{ - dap_url=$1 - #dap_args=$2 - rm -rf dap-tmp-runner.sh - $http_get $http_opts $http_out dap-tmp-runner.sh "$dap_url"; bash dap-tmp-runner.sh; rm dap-tmp-runner.sh -} - -detect_http_get - -############################### -# # -# actual script continues... # -# # -############################### - -install_walnut() -{ - $sudo_cmd mkdir -p /srv/walnut/{var,etc,packages,node_modules} - # www-data exists on linux, _www exists on mac OS - $sudo_cmd chown -R $(whoami):www-data /srv/walnut || $sudo_cmd chown -R $(whoami):_www /srv/walnut - if [ ! -d "/srv/walnut/core/" ]; then - git clone https://git.daplie.com/Daplie/walnut.js.git /srv/walnut/core - fi - pushd /srv/walnut/core - if [ ! -d "./.git/" ]; then - echo "'/srv/walnut/core' exists but is not a git repository... not sure what to do here..." - fi - git checkout v1.2 - git pull - popd - rm -rf /srv/walnut/core/node_modules - ln -sf ../node_modules /srv/walnut/core/node_modules - /srv/walnut/core/install-helper.sh /srv/walnut - # Now that the install is finished we need to set the owner to the user that will actually - # be running the walnut server. - $sudo_cmd chown -R www-data:www-data /srv/walnut || $sudo_cmd chown -R _www:_www /srv/walnut -} - -# Install node -echo "----Installing Nodejs and NPM----" -echo "v8.2.1" > /tmp/NODEJS_VER -daplie-install-node-dev -npm install -g npm@4 - -# Install goldilocks -echo "----Installing goldilocks.js----" -daplie-install-goldilocks - -echo "----Installing walnut.js----" -#$sudo_cmd mkdir -p /opt/goldilocks/{lib,bin,etc} -#export NODE_PATH=/opt/walnut/lib/node_modules -#export NPM_CONFIG_PREFIX=/opt/walnut -old_PATH=$PATH -export PATH=/opt/walnut/bin:$PATH - -# Install walnut -install_walnut - -# Install bower, some systems may be missing it, and it is a dependency -/opt/walnut/bin/npm install -g bower -touch /.bowerrc -echo '{ "allow_root": true }' > /.bowerrc - -# Restore PATH to original value -export PATH=$old_PATH - -echo "" -echo "You must have some set of domain set up to properly use goldilocks+walnut:" -echo "" -echo " example.com" -echo " www.example.com" -echo " api.example.com" -echo " assets.example.com" -echo " cloud.example.com" -echo " api.cloud.example.com" -echo "" -echo "Check the WALNUT README.md for more info and how to set up /etc/goldilocks/goldilocks.yml" -echo "" +curl -fsSL https://git.daplie.com/Daplie/walnut.js/raw/master/installer/install.sh -o walnut-installer.sh +bash walnut-installer.sh From 494953ce7e31e444181f9e79796ce6d6c643c1e5 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 05:15:04 -0700 Subject: [PATCH 15/21] fix symlink --- installer/install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/installer/install.sh b/installer/install.sh index cfbc3ae..7034eaa 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -50,8 +50,8 @@ pushd $my_tmp/opt/$my_app_name/core mkdir -p "$my_tmp/{etc,opt,srv,var}/$my_app_name" mkdir -p "$my_tmp/var/log/$my_app_name" mkdir -p "$my_tmp/opt/$my_app_name"/{bin,config,core,etc,lib,node_modules,var} - ln -s ../core/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name - ln -s ../core/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js + ln -s ../core/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name + ln -s ../core/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js #ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name #ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js mkdir -p "$my_tmp/opt/$my_app_name"/packages/{api,pages,rest,services} From dc58afaab09a721fc2dd5e53d22c71a45c04fd73 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 05:19:47 -0700 Subject: [PATCH 16/21] remove quote to fix bash expansion --- installer/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer/install.sh b/installer/install.sh index 7034eaa..1cb379f 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -47,7 +47,7 @@ git clone $git_base $my_tmp/opt/$my_app_name/core pushd $my_tmp/opt/$my_app_name/core git checkout $my_app_ver - mkdir -p "$my_tmp/{etc,opt,srv,var}/$my_app_name" + mkdir -p $my_tmp/{etc,opt,srv,var}/$my_app_name mkdir -p "$my_tmp/var/log/$my_app_name" mkdir -p "$my_tmp/opt/$my_app_name"/{bin,config,core,etc,lib,node_modules,var} ln -s ../core/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name From 8e62ec37725d4d3d91091d9ee451c0e36dcc8901 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 12:15:40 -0700 Subject: [PATCH 17/21] don't exit with bad status code --- installer/install-for-systemd.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/installer/install-for-systemd.sh b/installer/install-for-systemd.sh index e2c5028..17a0bee 100644 --- a/installer/install-for-systemd.sh +++ b/installer/install-for-systemd.sh @@ -13,11 +13,16 @@ rm "$my_app_dist/$my_app_systemd_service.2" safe_copy_config "$my_app_dist/$my_app_systemd_service" "$my_root/$my_app_systemd_service" safe_copy_config "$my_app_dist/$my_app_systemd_tmpfiles" "$my_root/$my_app_systemd_tmpfiles" -$sudo_cmd systemctl stop "${my_app_name}.service" >/dev/null 2>/dev/null +$sudo_cmd systemctl stop "${my_app_name}.service" >/dev/null 2>/dev/null || true $sudo_cmd systemctl daemon-reload $sudo_cmd systemctl start "${my_app_name}.service" $sudo_cmd systemctl enable "${my_app_name}.service" +echo "" +echo "Fun systemd commands to remember:" +echo " $sudo_cmd systemctl daemon-reload" +echo " $sudo_cmd systemctl restart $my_app_name.service" +echo "" echo "$my_app_name started with systemctl, check its status like so:" echo " $sudo_cmd systemctl status $my_app_name" echo " $sudo_cmd journalctl -xe -u $my_app_name" From faaf97317000e52282c251cf79b9e881f218eb71 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 12:28:21 -0700 Subject: [PATCH 18/21] place our node path BEFORE theirs --- installer/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer/install.sh b/installer/install.sh index 1cb379f..d81bcc0 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -19,7 +19,7 @@ my_www_daplie_ver=v1.0.15 export NODE_VERSION="v8.9.0" ################# export NODE_PATH=$my_tmp/opt/$my_app_name/lib/node_modules -export PATH=$PATH:$my_tmp/opt/$my_app_name/bin/ +export PATH=$my_tmp/opt/$my_app_name/bin/:$PATH export NPM_CONFIG_PREFIX=$my_tmp/opt/$my_app_name my_npm="$NPM_CONFIG_PREFIX/bin/npm" ################# From 4ff4e44bc314018ddce3ff9e8449f4ab24b05730 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 14:32:28 -0700 Subject: [PATCH 19/21] ignore tmpfiles.d --- dist/etc/tmpfiles.d/walnut.conf | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/dist/etc/tmpfiles.d/walnut.conf b/dist/etc/tmpfiles.d/walnut.conf index 3f16a3d..c6e1cbc 100644 --- a/dist/etc/tmpfiles.d/walnut.conf +++ b/dist/etc/tmpfiles.d/walnut.conf @@ -2,11 +2,11 @@ # See https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html # Type Path Mode UID GID Age Argument -d /etc/walnut 0755 www-data www-data - - -d /etc/ssl/walnut 0750 www-data www-data - - -d /srv/walnut 0775 www-data www-data - - -d /srv/www 0775 www-data www-data - - -d /opt/walnut 0775 www-data www-data - - -d /var/walnut 0775 www-data www-data - - -d /var/log/walnut 0750 www-data www-data - - +#d /etc/walnut 0755 www-data www-data - - +#d /etc/ssl/walnut 0750 www-data www-data - - +#d /srv/walnut 0775 www-data www-data - - +#d /srv/www 0775 www-data www-data - - +#d /opt/walnut 0775 www-data www-data - - +#d /var/walnut 0775 www-data www-data - - +#d /var/log/walnut 0750 www-data www-data - - #d /run/walnut 0755 www-data www-data - - From 9707402e31dceb0c12a4c6fecc9ff3cae63d18b1 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 14:57:40 -0700 Subject: [PATCH 20/21] update install script --- README.md | 4 + install.sh | 4 - installer/get.sh | 20 ++++ installer/install.sh | 246 ++++++++++++++++++++++--------------------- 4 files changed, 152 insertions(+), 122 deletions(-) delete mode 100644 install.sh create mode 100644 installer/get.sh diff --git a/README.md b/README.md index 1a7abff..e17367f 100644 --- a/README.md +++ b/README.md @@ -53,6 +53,10 @@ Installation We're still in a stage where the installation generally requires many manual steps. +``bash +curl https://git.daplie.com/Daplie/walnut.js/raw/v1.2/installer/get.sh | bash +``` + See [INSTALL.md](/INSTALL.md) Usage diff --git a/install.sh b/install.sh deleted file mode 100644 index fbbb931..0000000 --- a/install.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -curl -fsSL https://git.daplie.com/Daplie/walnut.js/raw/master/installer/install.sh -o walnut-installer.sh -bash walnut-installer.sh diff --git a/installer/get.sh b/installer/get.sh new file mode 100644 index 0000000..4f2e01d --- /dev/null +++ b/installer/get.sh @@ -0,0 +1,20 @@ +set -e +set -u + +my_name=walnut +# TODO provide an option to supply my_ver and my_tmp +my_ver=master +my_tmp=$(mktemp -d) + +mkdir -p $my_tmp/opt/$my_name/lib/node_modules/$my_name +git clone https://git.daplie.com/Daplie/walnut.js.git $my_tmp/opt/$my_name/core + +echo "Installing to $my_tmp (will be moved after install)" +pushd $my_tmp/opt/$my_name/core + git checkout $my_ver + source ./installer/install.sh +popd + +echo "Installation successful, now cleaning up $my_tmp ..." +rm -rf $my_tmp +echo "Done" diff --git a/installer/install.sh b/installer/install.sh index d81bcc0..54fe028 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -3,9 +3,24 @@ set -e set -u -my_tmp=$(mktemp -d) -my_app_name=walnut +### IMPORTANT ### +### VERSION ### +my_name=walnut my_app_pkg_name=com.daplie.walnut.web +#my_app_ver="v1.1" +my_app_ver="installer-v2" +my_azp_oauth3_ver="v1.2" +export NODE_VERSION="v8.9.0" + +if [ -z "${my_tmp-}" ]; then + my_tmp="$(mktemp -d)" + mkdir -p $my_tmp/opt/$my_name/lib/node_modules/$my_name + echo "Installing to $my_tmp (will be moved after install)" + git clone ./ $my_tmp/opt/$my_name/lib/node_modules/$my_name + pushd $my_tmp/opt/$my_name/lib/node_modules/$my_name +fi + +################# ### IMPORTANT ### ### VERSION ### @@ -26,146 +41,137 @@ my_npm="$NPM_CONFIG_PREFIX/bin/npm" -my_app_dir=$my_tmp # TODO un-hardcode core at al #my_app_dist=$my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name/dist my_app_dist=$my_tmp/opt/$my_app_name/core/dist -git_base="https://git.daplie.com/Daplie/walnut.js.git" -installer_base="https://git.daplie.com/Daplie/walnut.js/raw/$my_app_ver" +installer_base="https://git.daplie.com/Daplie/goldilocks.js/raw/$my_app_ver" + +# Backwards compat +# some scripts still use the old names +my_app_dir=$my_tmp +my_app_name=$my_name + + + +git checkout $my_app_ver + +mkdir -p $my_tmp/{etc,opt,srv,var}/$my_app_name +mkdir -p "$my_tmp/var/log/$my_app_name" +mkdir -p "$my_tmp/opt/$my_app_name"/{bin,config,core,etc,lib,node_modules,var} +ln -s ../core/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name +ln -s ../core/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js +#ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name +#ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js +mkdir -p "$my_tmp/opt/$my_app_name"/packages/{api,pages,rest,services} +mkdir -p "$my_tmp/opt/$my_app_name"/etc/client-api-grants +# TODO move packages and sites to /srv, grants to /etc +ln -s ../etc/client-api-grants "$my_tmp/opt/$my_app_name"/packages/client-api-grants +mkdir -p "$my_tmp/opt/$my_app_name"/var/sites +ln -s ../var/sites "$my_tmp/opt/$my_app_name"/packages/sites +mkdir -p "$my_tmp/etc/$my_app_name" +chmod 775 "$my_tmp/etc/$my_app_name" +cat "$my_app_dist/etc/$my_app_name/$my_app_name.example.yml" > "$my_tmp/etc/$my_app_name/$my_app_name.example.yml" +chmod 664 "$my_tmp/etc/$my_app_name/$my_app_name.example.yml" +mkdir -p $my_tmp/var/log/$my_app_name # -# Install to tmp location, then move to /opt +# Helpers # -echo "Installing to $my_tmp (will be moved after install)" -#mkdir -p $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name -mkdir -p $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name -#git clone $git_base $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name -git clone $git_base $my_tmp/opt/$my_app_name/core +source ./installer/sudo-cmd.sh +source ./installer/http-get.sh + + + +# +# Dependencies +# +echo $NODE_VERSION > /tmp/NODEJS_VER +# This will read the NODE_* and PATH variables set previously, as well as /tmp/NODEJS_VER +http_bash "https://git.coolaj86.com/coolaj86/node-installer.sh/raw/v1.1/install.sh" +$my_npm install -g npm@4 +$my_npm install -g bower +touch $my_tmp/opt/$my_app_name/.bowerrc +echo '{ "allow_root": true }' > $my_tmp/opt/$my_app_name/.bowerrc + #pushd $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name pushd $my_tmp/opt/$my_app_name/core - git checkout $my_app_ver + mkdir -p ../node_modules + ln -s ../node_modules node_modules + $my_npm install +popd - mkdir -p $my_tmp/{etc,opt,srv,var}/$my_app_name - mkdir -p "$my_tmp/var/log/$my_app_name" - mkdir -p "$my_tmp/opt/$my_app_name"/{bin,config,core,etc,lib,node_modules,var} - ln -s ../core/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name - ln -s ../core/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js - #ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name - #ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js - mkdir -p "$my_tmp/opt/$my_app_name"/packages/{api,pages,rest,services} - mkdir -p "$my_tmp/opt/$my_app_name"/etc/client-api-grants - # TODO move packages and sites to /srv, grants to /etc - ln -s ../etc/client-api-grants "$my_tmp/opt/$my_app_name"/packages/client-api-grants - mkdir -p "$my_tmp/opt/$my_app_name"/var/sites - ln -s ../var/sites "$my_tmp/opt/$my_app_name"/packages/sites - mkdir -p "$my_tmp/etc/$my_app_name" - chmod 775 "$my_tmp/etc/$my_app_name" - cat "$my_app_dist/etc/$my_app_name/$my_app_name.example.yml" > "$my_tmp/etc/$my_app_name/$my_app_name.example.yml" - chmod 664 "$my_tmp/etc/$my_app_name/$my_app_name.example.yml" - mkdir -p $my_tmp/var/log/$my_app_name +git clone https://git.daplie.com/Daplie/walnut_launchpad.git $my_tmp/opt/$my_app_name/core/lib/walnut@daplie.com/setup +pushd $my_tmp/opt/$my_app_name/core/lib/walnut@daplie.com/setup + git pull + git checkout $my_launchpad_ver + git clone https://git.daplie.com/OAuth3/oauth3.js.git ./assets/oauth3.org + pushd assets/oauth3.org + git checkout $my_azp_oauth3_ver + popd +popd - - # - # Helpers - # - source ./installer/sudo-cmd.sh - source ./installer/http-get.sh - - - - # - # Dependencies - # - echo $NODE_VERSION > /tmp/NODEJS_VER - # This will read the NODE_* and PATH variables set previously, as well as /tmp/NODEJS_VER - http_bash "https://git.coolaj86.com/coolaj86/node-installer.sh/raw/v1.1/install.sh" - $my_npm install -g npm@4 - $my_npm install -g bower - touch $my_tmp/opt/$my_app_name/.bowerrc - echo '{ "allow_root": true }' > $my_tmp/opt/$my_app_name/.bowerrc - - #pushd $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name - pushd $my_tmp/opt/$my_app_name/core - mkdir -p ../node_modules - ln -s ../node_modules node_modules - $my_npm install +pushd $my_tmp/opt/$my_app_name/packages + git clone https://git.daplie.com/OAuth3/issuer_oauth3.org.git rest/issuer@oauth3.org + pushd rest/issuer@oauth3.org/ + git checkout $my_iss_oauth3_rest_ver + $my_npm install popd - git clone https://git.daplie.com/Daplie/walnut_launchpad.git $my_tmp/opt/$my_app_name/core/lib/walnut@daplie.com/setup - pushd $my_tmp/opt/$my_app_name/core/lib/walnut@daplie.com/setup - git pull - git checkout $my_launchpad_ver + git clone https://git.daplie.com/OAuth3/org.oauth3.git pages/issuer@oauth3.org + pushd pages/issuer@oauth3.org + git checkout $my_iss_oauth3_pages_ver + bash ./install.sh - git clone https://git.daplie.com/OAuth3/oauth3.js.git ./assets/oauth3.org - pushd assets/oauth3.org + pushd ./assets/oauth3.org git checkout $my_azp_oauth3_ver popd popd - pushd $my_tmp/opt/$my_app_name/packages - git clone https://git.daplie.com/OAuth3/issuer_oauth3.org.git rest/issuer@oauth3.org - pushd rest/issuer@oauth3.org/ - git checkout $my_iss_oauth3_rest_ver - $my_npm install - popd - - git clone https://git.daplie.com/OAuth3/org.oauth3.git pages/issuer@oauth3.org - pushd pages/issuer@oauth3.org - git checkout $my_iss_oauth3_pages_ver - bash ./install.sh - - pushd ./assets/oauth3.org - git checkout $my_azp_oauth3_ver - popd - popd - - git clone https://git.daplie.com/Daplie/walnut_rest_www_daplie.com.git rest/www@daplie.com - pushd rest/www@daplie.com - git checkout $my_www_daplie_ver - $my_npm install - popd + git clone https://git.daplie.com/Daplie/walnut_rest_www_daplie.com.git rest/www@daplie.com + pushd rest/www@daplie.com + git checkout $my_www_daplie_ver + $my_npm install popd - - - - # - # System Service - # - source ./installer/my-root.sh - echo "Pre-installation to $my_tmp complete, now installing to $my_root/ ..." - set +e - if type -p tree >/dev/null 2>/dev/null; then - #tree -I "node_modules|include|share" $my_tmp - tree -L 6 -I "include|share|npm" $my_tmp - else - ls $my_tmp - fi - set -e - - source ./installer/my-user-my-group.sh - echo "User $my_user Group $my_group" - - $sudo_cmd chown -R $my_user:$my_group $my_tmp - rsync -a $my_tmp/ $my_root/ - rsync -a --ignore-existing $my_app_dist/etc/$my_app_name/$my_app_name.yml $my_root/etc/$my_app_name/$my_app_name.yml - source ./installer/install-system-service.sh - - # Change to admin perms - $sudo_cmd chown -R $my_user:$my_group $my_root/opt/$my_app_name - $sudo_cmd chown -R $my_user:$my_group $my_root/var/www $my_root/srv/www - - # make sure the files are all read/write for the owner and group, and then set - # the setuid and setgid bits so that any files/directories created inside these - # directories have the same owner and group. - $sudo_cmd chmod -R ug+rwX /opt/$my_app_name - find /opt/$my_app_name -type d -exec $sudo_cmd chmod ug+s {} \; popd -rm -rf $my_tmp + +# +# System Service +# +source ./installer/my-root.sh +echo "Pre-installation to $my_tmp complete, now installing to $my_root/ ..." +set +e +if type -p tree >/dev/null 2>/dev/null; then + #tree -I "node_modules|include|share" $my_tmp + tree -L 6 -I "include|share|npm" $my_tmp +else + ls $my_tmp +fi +set -e + +source ./installer/my-user-my-group.sh +echo "User $my_user Group $my_group" + +$sudo_cmd chown -R $my_user:$my_group $my_tmp +rsync -a $my_tmp/ $my_root/ +rsync -a --ignore-existing $my_app_dist/etc/$my_app_name/$my_app_name.yml $my_root/etc/$my_app_name/$my_app_name.yml +source ./installer/install-system-service.sh + +# Change to admin perms +$sudo_cmd chown -R $my_user:$my_group $my_root/opt/$my_app_name +$sudo_cmd chown -R $my_user:$my_group $my_root/var/www $my_root/srv/www + +# make sure the files are all read/write for the owner and group, and then set +# the setuid and setgid bits so that any files/directories created inside these +# directories have the same owner and group. +$sudo_cmd chmod -R ug+rwX $my_root/opt/$my_app_name +find $my_root/opt/$my_app_name -type d -exec $sudo_cmd chmod ug+s {} \; + + echo "" echo "You must have some set of domain set up to properly use goldilocks+walnut:" @@ -180,3 +186,7 @@ echo "" echo "Check the WALNUT README.md for more info and how to set up /etc/goldilocks/goldilocks.yml" echo "" echo "Unistall: rm -rf /srv/walnut/ /var/walnut/ /etc/walnut/ /opt/walnut/ /var/log/walnut/ /etc/systemd/system/walnut.service" + + + +rm -rf $my_tmp From 485f8ce60ca1737649e465bff0a92ce5ea530b76 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Nov 2017 15:01:27 -0700 Subject: [PATCH 21/21] don't change existing files and folders --- installer/install.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/installer/install.sh b/installer/install.sh index 54fe028..9180f0d 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -157,7 +157,8 @@ source ./installer/my-user-my-group.sh echo "User $my_user Group $my_group" $sudo_cmd chown -R $my_user:$my_group $my_tmp -rsync -a $my_tmp/ $my_root/ +$sudo_cmd chmod 0755 $my_tmp +rsync -a --ignore-existing $my_tmp/ $my_root/ rsync -a --ignore-existing $my_app_dist/etc/$my_app_name/$my_app_name.yml $my_root/etc/$my_app_name/$my_app_name.yml source ./installer/install-system-service.sh