#!/bin/bash
# $Id: mir-setup,v 1.2.2.2 2009/01/18 04:28:49 ianb Exp $

# Script to install a new Mir site

# Initial version -zak 2005-01-23
# Moved to traven -zak 2005-04-05
# Added to CVS    -zak 2005-06-13

set -e

CONFDIR="/etc/mir-setup"
SHAREDIR="/usr/local/share/mir-setup"
PROG="`basename $0`"

die()
{
  echo >&2 "$@";
  exit 1;
}

optdie()
{
  echo >&2 "$@";
  echo >&2 "Try $PROG --help";
  exit 1;
}

manage()
{
  (
    source "$CONFDIR/tomcat-manager.conf"

    if [ -z "$TOMCAT_MANAGER_URL" ]; then die "No TOMCAT_MANAGER_URL specified"; fi

    echo "$TOMCAT_MANAGER_URL/html/$1?path=/$2" | wget -q -O /dev/null -i -
  )
}

usage() {
    echo >&2 "Usage: $PROG options"
    echo >&2
    echo >&2 "  Exactly one of the following is required:"
    echo >&2 "    -f|--config <file>        mir-setup site config file"
    echo >&2 "       --start  <site>        start the given site's webapp"
    echo >&2 "       --stop   <site>        stop the given site's webapp"
    echo >&2 "       --reload <site>        reload the given site's webapp"
    echo >&2
    echo >&2 "  Debugging options:"
    echo >&2 "    -d|--debug                Debugging output, including 'set -x' shell trace"
    echo >&2 "    -p|--checkpoint <start>   Run from specified checkpoint after failed run"
}

while [ $# != 0 ]; do
    case "$1" in
        -f|--config) shift; CONFIGFILE="$1" ;;
        --start|--stop|--reload) ACTION="$1"; shift; SITE="$1" ;;
	-d|--debug)  set -x; DEBUG=1 ;;
	-p|--checkpoint) shift; START_CHECKPOINT="$1" ;;
	-h|-?|--help) usage; exit 0 ;;
        -*) optdie "$PROG: unknown option $1" ;;
	*) optdie "$PROG: unexpected argument '$1'" ;;
    esac
    shift
done

case "$ACTION" in
    --start|--stop|--reload)
        if [ -n "$CONFIGFILE" ]; then optdie "$PROG: config file specified with $ACTION"; fi
	echo -n "$ACTION"ing "$SITE..."
	manage "`echo "$ACTION" | sed -e 's/^--//'`" "$SITE"
	echo " done."
	exit 0
        ;;
esac

if [ -z "$CONFIGFILE" ]; then optdie "$PROG: no site config file; use -f"; fi

source "$CONFIGFILE"

if [ -z "$SITE" ]; then optdie "$PROG: no site name"; fi
if [ -z "$FQDN" ]; then optdie "$PROG: no site fqdn"; fi
if [ -z "$USER" ]; then optdie "$PROG: no user"; fi

OWNER="$USER:$GROUP"
TOMCATOWNER="$USER:$TOMCATGROUP"

if [ -n "$GROUP" ]; then
    umask 002
    PRIVMODE=660
else
    umask 022
    PRIVMODE=600
fi

if [ -n "$MIRVERSION" ]; then MIRVERSIONOPT="-r$MIRVERSION"; fi
if [ -n "$SITEVERSION" ]; then SITEVERSIONOPT="-r$SITEVERSION"; fi

if [ -n "$SHAREDB" ]; then
  if [ -n "$DBNAME" ]; then optdie "$PROG: SHAREDB and DBNAME set"; fi
  if [ -n "$DBUSER" ]; then optdie "$PROG: SHAREDB and DBUSER set"; fi
  if [ -n "$DBPASS" ]; then optdie "$PROG: SHAREDB and DBPASS set"; fi

  DBNAME="`perl -ne 'if (/\s*Database\.Name\s*=\s*(\S+)/) { print "$1\n" }' "$INSTALLDIR/$SITEOVERLAYDIR/etc/config.properties"`"
  DBUSER="`perl -ne 'if (/\s*Database\.Username\s*=\s*(\S+)/) { print "$1\n" }' "$INSTALLDIR/$SITEOVERLAYDIR/etc/config.properties"`"
  DBPASS="`perl -ne 'if (/\s*Database\.Password\s*=\s*(\S+)/) { print "$1\n" }' "$INSTALLDIR/$SITEOVERLAYDIR/etc/config.properties"`"
else
  if [ -z "$DBNAME" ]; then DBNAME="$SITE"; fi
  if [ -z "$DBUSER" ]; then DBUSER="$SITE"; fi
  if [ -z "$DBPASS" ]; then DBPASS="`pwgen -s 8 1`"; fi
fi

if [ -z "$CONFIGPROPERTIES" ]; then CONFIGPROPERTIES="$CONFDIR/config.properties"; fi
if [ ! -e "$CONFIGPROPERTIES" ]; then
  optdie "$CONFIGPROPERTIES does not exist"
fi

CUR_CHECKPOINT=0
checkpoint()
{
  CUR_CHECKPOINT=$(($CUR_CHECKPOINT + 1))
  if [ -n "$START_CHECKPOINT" ]; then
    if [ "$CUR_CHECKPOINT" -lt "$START_CHECKPOINT" ]; then
      echo "Skipping checkpoint $CUR_CHECKPOINT: $@"
      unset RUNNING
    else
      echo "Running from checkpoint $CUR_CHECKPOINT: $@"
      RUNNING=1
    fi
  else
    echo "Checkpoint $CUR_CHECKPOINT: $@"
    RUNNING=1
  fi
}

checkpoint "Create user $USER and groups"
if [ -n "$RUNNING" ]; then
  if ! id $USER >/dev/null 2>&1 ;then
    adduser --disabled-login --gecos "$SITE mir user,,,"  $USER
  fi
  if ! getent group $TOMCATGROUP >/dev/null 2>&1  ;then
    addgroup $TOMCATGROUP
  fi
  if id $TOMCATUSER >/dev/null 2>&1 ;then
    adduser $TOMCATUSER $TOMCATGROUP
  else
    die "User $TOMCATUSER does not exist"
  fi
  adduser $USER $TOMCATGROUP
fi

checkpoint "Prepare install directory: $INSTALLDIR"
if [ -n "$RUNNING" ]; then
  mkdir -p "$INSTALLDIR"
  chown "$OWNER" "$INSTALLDIR"
  chmod g+s "$INSTALLDIR"
fi

if [ -n "$MIRGITROOT" ]; then
  checkpoint "Check out Mir [$MIRVERSION] from git $MIRGITROOT"
  if [ -n "$RUNNING" ]; then
    cd "$INSTALLDIR"
    sudo -u "$USER" git clone "$MIRGITROOT"
    sudo -u "$USER" sh -c "(cd mir && git checkout $MIRVERSION)"
    chown -R "$OWNER" mir
  fi
else
  checkpoint "Check out Mir [$MIRVERSION] from CVS $MIRCVSROOT"
  if [ -n "$RUNNING" ]; then
    cd "$INSTALLDIR"
    sudo -u "$USER" cvs -z3 -d"$MIRCVSROOT" checkout $MIRVERSIONOPT mir
    chown -R "$OWNER" mir
  fi
fi

if [ -n "$SITEGITROOT" ]; then
  checkpoint "Check out site templates [$SITEVERSION] from git $SITEGITROOT"
  if [ -n "$RUNNING" ]; then
    cd "$INSTALLDIR"
    sudo -u "$USER" git clone "$SITEGITROOT"
    sudo -u "$USER" sh -c "(cd $SITEOVERLAYDIR && git checkout $SITEGITVERSION)"
    chown -R "$OWNER" "$SITEOVERLAYDIR"
  fi
else
  checkpoint "Check out site templates [$SITEVERSION] from CVS $SITECVSROOT"
  if [ -n "$RUNNING" ]; then
    cd "$INSTALLDIR"
    sudo -u "$USER" cvs -z3 -d"$SITECVSROOT" checkout $SITEVERSIONOPT "$SITEOVERLAYDIR"
    chown -R "$OWNER" "$SITEOVERLAYDIR"
  fi
fi

checkpoint "Prepare production directory: $PRODUCTIONDIR"
if [ -n "$RUNNING" ]; then
  mkdir -p "$PRODUCTIONDIR"
  chown "$TOMCATOWNER" "$PRODUCTIONDIR"
  chmod g+s "$PRODUCTIONDIR"
  cd "$PRODUCTIONDIR"
  PRODUCTIONSUBDIRS="abstract comments content de en img inc style"
  mkdir -p $PRODUCTIONSUBDIRS
  chown "$TOMCATOWNER" $PRODUCTIONSUBDIRS
  ln -snf en/index.html
fi

munge_config_file()
{
  (
    export SITE
    export FQDN
    export MIRRORFQDN
    export SECUREFQDN
    export ALIASES
    export USER
    export DBNAME
    export DBUSER
    export DBPASS
    export PRODUCTIONDIR

    perl -w "$SHAREDIR/munge_config_file.pl" <"$1" >"$2"
    chown "$OWNER" "$2"
  )
}

checkpoint "Install robots.txt file"
if [ -n "$RUNNING" ]; then
  munge_config_file "$CONFDIR/robots.txt" "$PRODUCTIONDIR/robots.txt"
fi

checkpoint "Fetch cities.inc"
if [ -n "$RUNNING" ]; then
  wget -O - http://www.indymedia.org/cities.inc |
    sed -e 's/<br \/>/<br>/gi' >  "$PRODUCTIONDIR/cities.inc"
  chown $USER:$TOMCATGROUP  "$PRODUCTIONDIR/cities.inc"
fi

checkpoint "Install site-specific Apache configuration file (non-SSL)"
if [ -n "$RUNNING" ]; then
  mkdir -p "$APACHECONFDIR"
  munge_config_file "$CONFDIR/site-httpd.conf" "$APACHECONFDIR/$SITE.conf"
fi

checkpoint "Install site-specific Apache configuration file (SSL on dedicated IP)"
if [ -n "$RUNNING" ]; then
  mkdir -p "$APACHECONFDIR/ssl-dedicated"
  munge_config_file "$CONFDIR/site-ssl-dedicated-httpd.conf" "$APACHECONFDIR/ssl-dedicated/$SITE.conf"
fi

checkpoint "Install site-specific Apache configuration file (SSL fragment for webapp via canonical host)"
if [ -n "$RUNNING" ]; then
  mkdir -p "$APACHECONFDIR/ssl-fragments"
  munge_config_file "$CONFDIR/site-ssl-httpd-fragment.conf" "$APACHECONFDIR/ssl-fragments/$SITE.conf"
fi

checkpoint "Configure temporary snake-oil SSL cert"
if [ -n "$RUNNING" ]; then
  if [ ! -f /etc/apache2/ssl/$SECUREFQDN.crt ]; then
    ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/apache2/ssl/$SECUREFQDN.crt
    ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/apache2/ssl/$SECUREFQDN.key
  fi
fi

checkpoint "Restart Apache with new configuration"
if [ -n "$RUNNING" ]; then
  "$APACHECTL" configtest
  "$APACHECTL" graceful
fi

checkpoint "Overlay /etc from site template"
if [ -n "$RUNNING" ]; then
  cd "$INSTALLDIR/mir"
  mv etc etc.orig
  ln -snf "../$SITEOVERLAYDIR/etc"
fi

if [ -n "$SHAREDB" ]; then
  checkpoint "Sharing existing database (not creating)"
  checkpoint "Sharing existing database (not importing/installing)"
  checkpoint "Sharing existing database (not setting permissions)"
else
  checkpoint "Create database"
  if [ -n "$RUNNING" ]; then
    sudo -u postgres createdb --encoding=unicode "$DBNAME"
    sudo -u postgres psql "$DBNAME" <<EOF
CREATE USER $DBUSER WITH PASSWORD '$DBPASS' NOCREATEDB NOCREATEUSER;
UPDATE pg_database SET datdba=(SELECT usesysid FROM pg_user WHERE usename='$DBUSER') WHERE datname='$DBNAME';
EOF
  fi

  if [ -n "$DBDUMP" ]; then
    checkpoint "Import database dump"
    if [ -n "$RUNNING" ]; then
      zcat "$DBDUMP" | sudo -u postgres pg_restore -d "$DBNAME" -O -x
    fi
  else
    checkpoint "Install default database"
    if [ -n "$RUNNING" ]; then
      for i in "$INSTALLDIR"/mir/dbscripts/{create_pg,help*,populate*}.sql; do
        sudo -u postgres psql -f $i "$DBNAME"
      done
    fi
  fi

  checkpoint "Set database permissions"
  if [ -n "$RUNNING" ]; then
    # Clumsy -- produces errors which we should ignore
    echo >&2 "Don't worry about errors from some of the GRANTs here"
    sudo -u postgres psql -qto "|psql \"$DBNAME\"" "$DBNAME" <<EOF
SELECT 'GRANT ALL ON '||relname||' TO $DBUSER;'
FROM pg_class
WHERE relname not like 'pg%'
ORDER by relname;
EOF
  fi
fi

checkpoint "Creating links to needed jar files in mir/lib"
if [ -n "$RUNNING" ]; then
  if [ -f /usr/share/java/servlet-2.3.jar ]; then
    ln -sf /usr/share/java/servlet-2.3.jar "$INSTALLDIR/mir/lib"
  else
    die "/usr/share/java/servlet-2.3.jar not found"
  fi
  ln -sf /etc/mir-setup/lib/rt.jar "$INSTALLDIR/mir/lib"
fi

checkpoint "Installing config.properties"
if [ -n "$RUNNING" ]; then
  PROPERTIESFILE="$INSTALLDIR/mir/etc/config.properties"
  touch "$PROPERTIESFILE"
  chmod "$PRIVMODE" "$PROPERTIESFILE"
  munge_config_file "$CONFIGPROPERTIES" "$PROPERTIESFILE"
fi

checkpoint "Running ant to build Mir"
if [ -n "$RUNNING" ]; then
  cd "$INSTALLDIR/mir"
  sudo -u "$USER" TOMCAT_HOME="$TOMCAT_HOME" ant
fi

checkpoint "Fixing up jar links in mir deployment"
if [ -n "RUNNING" ]; then
  rm -f "$INSTALLDIR/mir/bin/mir/WEB-INF/lib/rt.jar"
  rm -f "$INSTALLDIR/mir/bin/mir/WEB-INF/lib/servlet-2.3.jar"
  ln -sf /usr/share/java/servlet-2.3.jar "$INSTALLDIR/mir/bin/mir/WEB-INF/lib"
  ln -sf /etc/mir-setup/lib/rt.jar       "$INSTALLDIR/mir/bin/mir/WEB-INF/lib"
fi

checkpoint "Creating empty abuse.properties"
if [ -n "$RUNNING" ]; then
  touch "$INSTALLDIR/mir/bin/mir/WEB-INF/abuse.properties"
fi

checkpoint "Fixing file permissions"
if [ -n "$RUNNING" ]; then
  cd "$INSTALLDIR/mir"
  sed -e "s/^GROUP=.*\$/GROUP=$TOMCATGROUP/" perms.sh-dist >perms.sh
  chmod +x perms.sh
  ./perms.sh
fi

checkpoint "Linking into Tomcat Web apps directory"
if [ -n "$RUNNING" ]; then
  cd "$WEBAPPSDIR"
  ln -snf "$INSTALLDIR/mir/bin/mir" "$SITE"
fi

checkpoint "Restarting tomcat"
if [ -n "$RUNNING" ]; then
  if   [ -x /etc/init.d/tomcat5.5 ]; then
    /etc/init.d/tomcat5.5 force-reload
  elif [ -x /etc/init.d/tomcat4 ]; then
    /etc/init.d/tomcat4   force-reload
  else
      echo tomcat NOT reloaded, reload manually
  fi
fi

checkpoint "All done!"