diff --git a/dist/etc/systemd/system/goldilocks.service b/dist/etc/systemd/system/goldilocks.service index 41cd441..ac0992c 100644 --- a/dist/etc/systemd/system/goldilocks.service +++ b/dist/etc/systemd/system/goldilocks.service @@ -46,7 +46,7 @@ ProtectSystem=full # … except TLS/SSL, ACME, and Let's Encrypt certificates # and /var/log/goldilocks, because we want a place where logs can go. # This merely retains r/w access rights, it does not add any new. Must still be writable on the host! -ReadWriteDirectories=/etc/goldilocks /etc/ssl /srv/www /var/log/goldilocks +ReadWriteDirectories=/etc/goldilocks /etc/ssl /srv/www /var/log/goldilocks /opt/goldilocks # you may also want to add other directories such as /opt/goldilocks /etc/acme /etc/letsencrypt # Note: in v231 and above ReadWritePaths has been renamed to ReadWriteDirectories diff --git a/install.sh b/install.sh deleted file mode 100644 index 81f4d0b..0000000 --- a/install.sh +++ /dev/null @@ -1,146 +0,0 @@ -#!/bin/bash - -set -e -set -u - -my_tmp=$(mktemp -d) -my_app_name=goldilocks -my_app_pkg_name=com.daplie.goldilocks.web - -### IMPORTANT ### -### VERSION ### -#my_app_ver="v1.1" -my_app_ver="installer-v2" -my_azp_oauth3_ver="v1.2" -export NODE_VERSION="v8.9.0" -################# -export NODE_PATH=$my_tmp/opt/$my_app_name/lib/node_modules -export PATH=$my_tmp/opt/$my_app_name/bin/:$PATH -export NPM_CONFIG_PREFIX=$my_tmp/opt/$my_app_name -my_npm="$NPM_CONFIG_PREFIX/bin/npm" -################# - - - -my_app_dir=$my_tmp -my_app_dist=$my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name/dist -git_base="https://git.daplie.com/Daplie/goldilocks.js.git" -installer_base="https://git.daplie.com/Daplie/goldilocks.js/raw/$my_app_ver" - - - -# -# Install to tmp location, then move to /opt -# -echo "Installing to $my_tmp (will be moved after install)" -mkdir -p $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name -git clone $git_base $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name -pushd $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name - git checkout $my_app_ver - - mkdir -p "$my_tmp/opt/$my_app_name"/{lib,bin,etc} - ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name - ln -s ../lib/node_modules/$my_app_name/bin/$my_app_name.js $my_tmp/opt/$my_app_name/bin/$my_app_name.js - mkdir -p "$my_tmp/etc/$my_app_name" - chmod 775 "$my_tmp/etc/$my_app_name" - cat "$my_app_dist/etc/$my_app_name/$my_app_name.example.yml" > "$my_tmp/etc/$my_app_name/$my_app_name.example.yml" - chmod 664 "$my_tmp/etc/$my_app_name/$my_app_name.example.yml" - mkdir -p $my_tmp/srv/www - mkdir -p $my_tmp/var/www - mkdir -p $my_tmp/var/log/$my_app_name - - - - # - # Helpers - # - source ./installer/sudo-cmd.sh - source ./installer/http-get.sh - - - - # - # Dependencies - # - echo $NODE_VERSION > /tmp/NODEJS_VER - http_bash "https://git.coolaj86.com/coolaj86/node-installer.sh/raw/v1.1/install.sh" - $my_npm install -g npm@4 - pushd $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name - $my_npm install - popd - pushd $my_tmp/opt/$my_app_name/lib/node_modules/$my_app_name/packages/assets - OAUTH3_GIT_URL="https://git.daplie.com/Oauth3/oauth3.js.git" - git clone ${OAUTH3_GIT_URL} oauth3.org || true - ln -s oauth3.org org.oauth3 - pushd oauth3.org - git remote set-url origin ${OAUTH3_GIT_URL} - git checkout $my_azp_oauth3_ver - git pull - popd - - mkdir -p jquery.com - ln -s jquery.com com.jquery - pushd jquery.com - http_get 'https://code.jquery.com/jquery-3.1.1.js' jquery-3.1.1.js - popd - - mkdir -p google.com - ln -s google.com com.google - pushd google.com - http_get 'https://ajax.googleapis.com/ajax/libs/angularjs/1.6.2/angular.min.js' angular.1.6.2.min.js - popd - - mkdir -p well-known - ln -s well-known .well-known - pushd well-known - ln -snf ../oauth3.org/well-known/oauth3 ./oauth3 - popd - echo "installed dependencies" - popd - - - - # - # System Service - # - source ./installer/my-root.sh - echo "Pre-installation to $my_tmp complete, now installing to $my_root/ ..." - set +e - if type -p tree >/dev/null 2>/dev/null; then - #tree -I "node_modules|include|share" $my_tmp - tree -L 6 -I "include|share|npm" $my_tmp - else - ls $my_tmp - fi - set -e - - source ./installer/my-user-my-group.sh - echo "User $my_user Group $my_group" - - $sudo_cmd chown -R $my_user:$my_group $my_tmp - rsync -a $my_tmp/ $my_root/ - rsync -a --ignore-existing $my_app_dist/etc/$my_app_name/$my_app_name.yml $my_root/etc/$my_app_name/$my_app_name.yml - source ./installer/install-system-service.sh - - # Change to admin perms - $sudo_cmd chown -R $my_user:$my_group $my_root/opt/$my_app_name - $sudo_cmd chown -R $my_user:$my_group $my_root/var/www $my_root/srv/www - - # make sure the files are all read/write for the owner and group, and then set - # the setuid and setgid bits so that any files/directories created inside these - # directories have the same owner and group. - $sudo_cmd chmod -R ug+rwX /opt/$my_app_name - find /opt/$my_app_name -type d -exec $sudo_cmd chmod ug+s {} \; -popd - - -rm -rf $my_tmp - -echo "" -echo "$my_app_name installation complete!" -echo "" -echo "Restart: systemctl restart $my_app_name" -echo "Logs: journalctl -xefu $my_app_name" -echo "Config: /etc/$my_app_name/$my_app_name.yml" -echo "" -echo "Unistall: rm -rf /srv/$my_app_name/ /var/$my_app_name/ /etc/$my_app_name/ /opt/$my_app_name/ /var/log/$my_app_name/ /etc/systemd/system/$my_app_name.service" diff --git a/installer/get.sh b/installer/get.sh new file mode 100644 index 0000000..3923b61 --- /dev/null +++ b/installer/get.sh @@ -0,0 +1,20 @@ +set -e +set -u + +my_name=goldilocks +# TODO provide an option to supply my_ver and my_tmp +my_ver=master +my_tmp=$(mktemp -d) + +mkdir -p $my_tmp/opt/$my_name/lib/node_modules/$my_name +git clone https://git.daplie.com/Daplie/goldilocks.js.git $my_tmp/opt/$my_name/lib/node_modules/$my_name + +echo "Installing to $my_tmp (will be moved after install)" +pushd $my_tmp/opt/$my_name/lib/node_modules/$my_name + git checkout $my_ver + source ./helper.sh +popd + +echo "Installation successful, now cleaning up $my_tmp ..." +rm -rf $my_tmp +echo "Done" diff --git a/installer/install.sh b/installer/install.sh new file mode 100644 index 0000000..f154767 --- /dev/null +++ b/installer/install.sh @@ -0,0 +1,147 @@ +#!/bin/bash + +set -e +set -u + + +### IMPORTANT ### +### VERSION ### +my_name=goldilocks +my_app_pkg_name=com.daplie.goldilocks.web +#my_app_ver="v1.1" +my_app_ver="installer-v2" +my_azp_oauth3_ver="v1.2" +export NODE_VERSION="v8.9.0" + +if [ -z "${my_tmp-}" ]; then + my_tmp="$(mktemp -d)" + mkdir -p $my_tmp/opt/$my_name/lib/node_modules/$my_name + echo "Installing to $my_tmp (will be moved after install)" + git clone ./ $my_tmp/opt/$my_name/lib/node_modules/$my_name + pushd $my_tmp/opt/$my_name/lib/node_modules/$my_name +fi + +################# +export NODE_PATH=$my_tmp/opt/$my_name/lib/node_modules +export PATH=$my_tmp/opt/$my_name/bin/:$PATH +export NPM_CONFIG_PREFIX=$my_tmp/opt/$my_name +my_npm="$NPM_CONFIG_PREFIX/bin/npm" +################# + + +my_app_dist=$my_tmp/opt/$my_name/lib/node_modules/$my_name/dist +installer_base="https://git.daplie.com/Daplie/goldilocks.js/raw/$my_app_ver" + +# Backwards compat +# some scripts still use the old names +my_app_dir=$my_tmp +my_app_name=$my_name + + + +git checkout $my_app_ver + +mkdir -p "$my_tmp/opt/$my_name"/{lib,bin,etc} +ln -s ../lib/node_modules/$my_name/bin/$my_name.js $my_tmp/opt/$my_name/bin/$my_name +ln -s ../lib/node_modules/$my_name/bin/$my_name.js $my_tmp/opt/$my_name/bin/$my_name.js +mkdir -p "$my_tmp/etc/$my_name" +chmod 775 "$my_tmp/etc/$my_name" +cat "$my_app_dist/etc/$my_name/$my_name.example.yml" > "$my_tmp/etc/$my_name/$my_name.example.yml" +chmod 664 "$my_tmp/etc/$my_name/$my_name.example.yml" +mkdir -p $my_tmp/srv/www +mkdir -p $my_tmp/var/www +mkdir -p $my_tmp/var/log/$my_name + + + +# +# Helpers +# +source ./installer/sudo-cmd.sh +source ./installer/http-get.sh + + + +# +# Dependencies +# +echo $NODE_VERSION > /tmp/NODEJS_VER +http_bash "https://git.coolaj86.com/coolaj86/node-installer.sh/raw/v1.1/install.sh" +$my_npm install -g npm@4 +pushd $my_tmp/opt/$my_name/lib/node_modules/$my_name + $my_npm install +popd +pushd $my_tmp/opt/$my_name/lib/node_modules/$my_name/packages/assets + OAUTH3_GIT_URL="https://git.daplie.com/Oauth3/oauth3.js.git" + git clone ${OAUTH3_GIT_URL} oauth3.org || true + ln -s oauth3.org org.oauth3 + pushd oauth3.org + git remote set-url origin ${OAUTH3_GIT_URL} + git checkout $my_azp_oauth3_ver + git pull + popd + + mkdir -p jquery.com + ln -s jquery.com com.jquery + pushd jquery.com + http_get 'https://code.jquery.com/jquery-3.1.1.js' jquery-3.1.1.js + popd + + mkdir -p google.com + ln -s google.com com.google + pushd google.com + http_get 'https://ajax.googleapis.com/ajax/libs/angularjs/1.6.2/angular.min.js' angular.1.6.2.min.js + popd + + mkdir -p well-known + ln -s well-known .well-known + pushd well-known + ln -snf ../oauth3.org/well-known/oauth3 ./oauth3 + popd + echo "installed dependencies" +popd + + + +# +# System Service +# +source ./installer/my-root.sh +echo "Pre-installation to $my_tmp complete, now installing to $my_root/ ..." +set +e +if type -p tree >/dev/null 2>/dev/null; then + #tree -I "node_modules|include|share" $my_tmp + tree -L 6 -I "include|share|npm" $my_tmp +else + ls $my_tmp +fi +set -e + +source ./installer/my-user-my-group.sh +echo "User $my_user Group $my_group" + +$sudo_cmd chown -R $my_user:$my_group $my_tmp +rsync -a $my_tmp/ $my_root/ +rsync -a --ignore-existing $my_app_dist/etc/$my_name/$my_name.yml $my_root/etc/$my_name/$my_name.yml +source ./installer/install-system-service.sh + +# Change to admin perms +$sudo_cmd chown -R $my_user:$my_group $my_root/opt/$my_name +$sudo_cmd chown -R $my_user:$my_group $my_root/var/www $my_root/srv/www + +# make sure the files are all read/write for the owner and group, and then set +# the setuid and setgid bits so that any files/directories created inside these +# directories have the same owner and group. +$sudo_cmd chmod -R ug+rwX /opt/$my_name +find $my_root/opt/$my_name -type d -exec $sudo_cmd chmod ug+s {} \; + + + +echo "" +echo "$my_name installation complete!" +echo "" +echo "Restart: systemctl restart $my_name" +echo "Logs: journalctl -xefu $my_name" +echo "Config: /etc/$my_name/$my_name.yml" +echo "" +echo "Unistall: rm -rf /srv/$my_name/ /var/$my_name/ /etc/$my_name/ /opt/$my_name/ /var/log/$my_name/ /etc/systemd/system/$my_name.service"