+#!/bin/bash
+# $Id: mir-setup.squeeze,v 1.1.2.1 2010/12/16 18:31:08 ianb Exp $
+
+# Script to install a new Mir site
+
+# Initial version -zak 2005-01-23
+# Moved to traven -zak 2005-04-05
+# Added to CVS -zak 2005-06-13
+
+set -e
+
+CONFDIR="/etc/mir-setup"
+SHAREDIR="/usr/local/share/mir-setup"
+PROG="`basename $0`"
+
+die()
+{
+ echo >&2 "$@";
+ exit 1;
+}
+
+optdie()
+{
+ echo >&2 "$@";
+ echo >&2 "Try $PROG --help";
+ exit 1;
+}
+
+manage()
+{
+ (
+ source "$CONFDIR/tomcat-manager.conf"
+
+ if [ -z "$TOMCAT_MANAGER_URL" ]; then die "No TOMCAT_MANAGER_URL specified"; fi
+
+ echo "$TOMCAT_MANAGER_URL/html/$1?path=/$2" | wget -q -O /dev/null -i -
+ )
+}
+
+usage() {
+ echo >&2 "Usage: $PROG options"
+ echo >&2
+ echo >&2 " Exactly one of the following is required:"
+ echo >&2 " -f|--config <file> mir-setup site config file"
+ echo >&2 " --start <site> start the given site's webapp"
+ echo >&2 " --stop <site> stop the given site's webapp"
+ echo >&2 " --reload <site> reload the given site's webapp"
+ echo >&2
+ echo >&2 " Debugging options:"
+ echo >&2 " -d|--debug Debugging output, including 'set -x' shell trace"
+ echo >&2 " -p|--checkpoint <start> Run from specified checkpoint after failed run"
+}
+
+while [ $# != 0 ]; do
+ case "$1" in
+ -f|--config) shift; CONFIGFILE="$1" ;;
+ --start|--stop|--reload) ACTION="$1"; shift; SITE="$1" ;;
+ -d|--debug) set -x; DEBUG=1 ;;
+ -p|--checkpoint) shift; START_CHECKPOINT="$1" ;;
+ -h|-?|--help) usage; exit 0 ;;
+ -*) optdie "$PROG: unknown option $1" ;;
+ *) optdie "$PROG: unexpected argument '$1'" ;;
+ esac
+ shift
+done
+
+case "$ACTION" in
+ --start|--stop|--reload)
+ if [ -n "$CONFIGFILE" ]; then optdie "$PROG: config file specified with $ACTION"; fi
+ echo -n "$ACTION"ing "$SITE..."
+ manage "`echo "$ACTION" | sed -e 's/^--//'`" "$SITE"
+ echo " done."
+ exit 0
+ ;;
+esac
+
+if [ -z "$CONFIGFILE" ]; then optdie "$PROG: no site config file; use -f"; fi
+
+source "$CONFIGFILE"
+
+if [ -z "$SITE" ]; then optdie "$PROG: no site name"; fi
+if [ -z "$FQDN" ]; then optdie "$PROG: no site fqdn"; fi
+if [ -z "$USER" ]; then optdie "$PROG: no user"; fi
+
+OWNER="$USER:$GROUP"
+TOMCATOWNER="$USER:$TOMCATGROUP"
+
+if [ -n "$GROUP" ]; then
+ umask 002
+ PRIVMODE=660
+else
+ umask 022
+ PRIVMODE=600
+fi
+
+if [ -n "$MIRVERSION" ]; then MIRVERSIONOPT="-r$MIRVERSION"; fi
+if [ -n "$SITEVERSION" ]; then SITEVERSIONOPT="-r$SITEVERSION"; fi
+
+if [ -n "$SHAREDB" ]; then
+ if [ -n "$DBNAME" ]; then optdie "$PROG: SHAREDB and DBNAME set"; fi
+ if [ -n "$DBUSER" ]; then optdie "$PROG: SHAREDB and DBUSER set"; fi
+ if [ -n "$DBPASS" ]; then optdie "$PROG: SHAREDB and DBPASS set"; fi
+
+ DBNAME="`perl -ne 'if (/\s*Database\.Name\s*=\s*(\S+)/) { print "$1\n" }' "$INSTALLDIR/$SITEOVERLAYDIR/etc/config.properties"`"
+ DBUSER="`perl -ne 'if (/\s*Database\.Username\s*=\s*(\S+)/) { print "$1\n" }' "$INSTALLDIR/$SITEOVERLAYDIR/etc/config.properties"`"
+ DBPASS="`perl -ne 'if (/\s*Database\.Password\s*=\s*(\S+)/) { print "$1\n" }' "$INSTALLDIR/$SITEOVERLAYDIR/etc/config.properties"`"
+else
+ if [ -z "$DBNAME" ]; then DBNAME="$SITE"; fi
+ if [ -z "$DBUSER" ]; then DBUSER="$SITE"; fi
+ if [ -z "$DBPASS" ]; then DBPASS="`pwgen -s 8 1`"; fi
+fi
+
+if [ -z "$CONFIGPROPERTIES" ]; then CONFIGPROPERTIES="$CONFDIR/config.properties"; fi
+if [ ! -e "$CONFIGPROPERTIES" ]; then
+ optdie "$CONFIGPROPERTIES does not exist"
+fi
+
+CUR_CHECKPOINT=0
+checkpoint()
+{
+ CUR_CHECKPOINT=$(($CUR_CHECKPOINT + 1))
+ if [ -n "$START_CHECKPOINT" ]; then
+ if [ "$CUR_CHECKPOINT" -lt "$START_CHECKPOINT" ]; then
+ echo "Skipping checkpoint $CUR_CHECKPOINT: $@"
+ unset RUNNING
+ else
+ echo "Running from checkpoint $CUR_CHECKPOINT: $@"
+ RUNNING=1
+ fi
+ else
+ echo "Checkpoint $CUR_CHECKPOINT: $@"
+ RUNNING=1
+ fi
+}
+
+checkpoint "Create user $USER and groups"
+if [ -n "$RUNNING" ]; then
+ if ! id $USER >/dev/null 2>&1 ;then
+ adduser --disabled-login --gecos "$SITE mir user,,," $USER
+ fi
+ if ! getent group $TOMCATGROUP >/dev/null 2>&1 ;then
+ addgroup $TOMCATGROUP
+ fi
+ if id $TOMCATUSER >/dev/null 2>&1 ;then
+ adduser $TOMCATUSER $TOMCATGROUP
+ else
+ die "User $TOMCATUSER does not exist"
+ fi
+ adduser $USER $TOMCATGROUP
+fi
+
+checkpoint "Prepare install directory: $INSTALLDIR"
+if [ -n "$RUNNING" ]; then
+ mkdir -p "$INSTALLDIR"
+ chown "$OWNER" "$INSTALLDIR"
+ chmod g+s "$INSTALLDIR"
+fi
+
+if [ -n "$MIRGITROOT" ]; then
+ checkpoint "Check out Mir [$MIRVERSION] from git $MIRGITROOT"
+ if [ -n "$RUNNING" ]; then
+ cd "$INSTALLDIR"
+ sudo -u "$USER" git clone "$MIRGITROOT"
+ sudo -u "$USER" sh -c "(cd mir && git checkout $MIRVERSION)"
+ chown -R "$OWNER" mir
+ fi
+else
+ checkpoint "Check out Mir [$MIRVERSION] from CVS $MIRCVSROOT"
+ if [ -n "$RUNNING" ]; then
+ cd "$INSTALLDIR"
+ sudo -u "$USER" cvs -z3 -d"$MIRCVSROOT" checkout $MIRVERSIONOPT mir
+ chown -R "$OWNER" mir
+ fi
+fi
+
+if [ -n "$SITEGITROOT" ]; then
+ checkpoint "Check out site templates [$SITEVERSION] from git $SITEGITROOT"
+ if [ -n "$RUNNING" ]; then
+ cd "$INSTALLDIR"
+ sudo -u "$USER" git clone "$SITEGITROOT"
+ sudo -u "$USER" sh -c "(cd $SITEOVERLAYDIR && git checkout $SITEGITVERSION)"
+ chown -R "$OWNER" "$SITEOVERLAYDIR"
+ fi
+else
+ checkpoint "Check out site templates [$SITEVERSION] from CVS $SITECVSROOT"
+ if [ -n "$RUNNING" ]; then
+ cd "$INSTALLDIR"
+ sudo -u "$USER" cvs -z3 -d"$SITECVSROOT" checkout $SITEVERSIONOPT "$SITEOVERLAYDIR"
+ chown -R "$OWNER" "$SITEOVERLAYDIR"
+ fi
+fi
+
+checkpoint "Prepare production directory: $PRODUCTIONDIR"
+if [ -n "$RUNNING" ]; then
+ mkdir -p "$PRODUCTIONDIR"
+ chown "$TOMCATOWNER" "$PRODUCTIONDIR"
+ chmod g+s "$PRODUCTIONDIR"
+ cd "$PRODUCTIONDIR"
+ PRODUCTIONSUBDIRS="abstract comments content de en img inc style"
+ mkdir -p $PRODUCTIONSUBDIRS
+ chown "$TOMCATOWNER" $PRODUCTIONSUBDIRS
+ ln -snf en/index.html
+fi
+
+munge_config_file()
+{
+ (
+ export SITE
+ export FQDN
+ export MIRRORFQDN
+ export SECUREFQDN
+ export ALIASES
+ export USER
+ export DBNAME
+ export DBUSER
+ export DBPASS
+ export PRODUCTIONDIR
+
+ perl -w "$SHAREDIR/munge_config_file.pl" <"$1" >"$2"
+ chown "$OWNER" "$2"
+ )
+}
+
+checkpoint "Install robots.txt file"
+if [ -n "$RUNNING" ]; then
+ munge_config_file "$CONFDIR/robots.txt" "$PRODUCTIONDIR/robots.txt"
+fi
+
+checkpoint "Fetch cities.inc"
+if [ -n "$RUNNING" ]; then
+ wget -O - http://www.indymedia.org/cities.inc |
+ sed -e 's/<br \/>/<br>/gi' > "$PRODUCTIONDIR/cities.inc"
+ chown $USER:$TOMCATGROUP "$PRODUCTIONDIR/cities.inc"
+fi
+
+checkpoint "Install site-specific Apache configuration file (non-SSL)"
+if [ -n "$RUNNING" ]; then
+ mkdir -p "$APACHECONFDIR"
+ munge_config_file "$CONFDIR/site-httpd.conf" "$APACHECONFDIR/$SITE.conf"
+fi
+
+checkpoint "Install site-specific Apache configuration file (SSL on dedicated IP)"
+if [ -n "$RUNNING" ]; then
+ mkdir -p "$APACHECONFDIR/ssl-dedicated"
+ munge_config_file "$CONFDIR/site-ssl-dedicated-httpd.conf" "$APACHECONFDIR/ssl-dedicated/$SITE.conf"
+fi
+
+checkpoint "Install site-specific Apache configuration file (SSL fragment for webapp via canonical host)"
+if [ -n "$RUNNING" ]; then
+ mkdir -p "$APACHECONFDIR/ssl-fragments"
+ munge_config_file "$CONFDIR/site-ssl-httpd-fragment.conf" "$APACHECONFDIR/ssl-fragments/$SITE.conf"
+fi
+
+checkpoint "Configure temporary snake-oil SSL cert"
+if [ -n "$RUNNING" ]; then
+ if [ ! -f /etc/apache2/ssl/$SECUREFQDN.crt ]; then
+ ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/apache2/ssl/$SECUREFQDN.crt
+ ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/apache2/ssl/$SECUREFQDN.key
+ fi
+fi
+
+checkpoint "Restart Apache with new configuration"
+if [ -n "$RUNNING" ]; then
+ "$APACHECTL" configtest
+ "$APACHECTL" graceful
+fi
+
+checkpoint "Overlay /etc from site template"
+if [ -n "$RUNNING" ]; then
+ cd "$INSTALLDIR/mir"
+ mv etc etc.orig
+ ln -snf "../$SITEOVERLAYDIR/etc"
+fi
+
+if [ -n "$SHAREDB" ]; then
+ checkpoint "Sharing existing database (not creating)"
+ checkpoint "Sharing existing database (not importing/installing)"
+ checkpoint "Sharing existing database (not setting permissions)"
+else
+ checkpoint "Create database"
+ if [ -n "$RUNNING" ]; then
+ sudo -u postgres createdb --encoding=unicode "$DBNAME"
+ sudo -u postgres psql "$DBNAME" <<EOF
+CREATE USER $DBUSER WITH PASSWORD '$DBPASS' NOCREATEDB NOCREATEUSER;
+UPDATE pg_database SET datdba=(SELECT usesysid FROM pg_user WHERE usename='$DBUSER') WHERE datname='$DBNAME';
+EOF
+ fi
+
+ if [ -n "$DBDUMP" ]; then
+ checkpoint "Import database dump"
+ if [ -n "$RUNNING" ]; then
+ zcat "$DBDUMP" | sudo -u postgres pg_restore -d "$DBNAME" -O -x
+ fi
+ else
+ checkpoint "Install default database"
+ if [ -n "$RUNNING" ]; then
+ for i in "$INSTALLDIR"/mir/dbscripts/{create_pg,help*,populate*}.sql; do
+ sudo -u postgres psql -f $i "$DBNAME"
+ done
+ fi
+ fi
+
+ checkpoint "Set database permissions"
+ if [ -n "$RUNNING" ]; then
+ # Clumsy -- produces errors which we should ignore
+ echo >&2 "Don't worry about errors from some of the GRANTs here"
+ sudo -u postgres psql -qto "|psql \"$DBNAME\"" "$DBNAME" <<EOF
+SELECT 'GRANT ALL ON '||relname||' TO $DBUSER;'
+FROM pg_class
+WHERE relname not like 'pg%'
+ORDER by relname;
+EOF
+ fi
+fi
+
+checkpoint "Creating links to needed jar files in mir/lib"
+if [ -n "$RUNNING" ]; then
+ if [ -f /usr/share/java/servlet-2.3.jar ]; then
+ ln -sf /usr/share/java/servlet-2.3.jar "$INSTALLDIR/mir/lib"
+ else
+ die "/usr/share/java/servlet-2.3.jar not found"
+ fi
+ ln -sf /etc/mir-setup/lib/rt.jar "$INSTALLDIR/mir/lib"
+fi
+
+checkpoint "Installing config.properties"
+if [ -n "$RUNNING" ]; then
+ PROPERTIESFILE="$INSTALLDIR/mir/etc/config.properties"
+ touch "$PROPERTIESFILE"
+ chmod "$PRIVMODE" "$PROPERTIESFILE"
+ munge_config_file "$CONFIGPROPERTIES" "$PROPERTIESFILE"
+fi
+
+checkpoint "Running ant to build Mir"
+if [ -n "$RUNNING" ]; then
+ cd "$INSTALLDIR/mir"
+ sudo -u "$USER" TOMCAT_HOME="$TOMCAT_HOME" ant
+fi
+
+checkpoint "Fixing up jar links in mir deployment"
+if [ -n "RUNNING" ]; then
+ rm -f "$INSTALLDIR/mir/bin/mir/WEB-INF/lib/rt.jar"
+ rm -f "$INSTALLDIR/mir/bin/mir/WEB-INF/lib/servlet-2.3.jar"
+ ln -sf /usr/share/java/servlet-2.3.jar "$INSTALLDIR/mir/bin/mir/WEB-INF/lib"
+ ln -sf /etc/mir-setup/lib/rt.jar "$INSTALLDIR/mir/bin/mir/WEB-INF/lib"
+fi
+
+checkpoint "Creating empty abuse.properties"
+if [ -n "$RUNNING" ]; then
+ touch "$INSTALLDIR/mir/bin/mir/WEB-INF/abuse.properties"
+fi
+
+checkpoint "Fixing file permissions"
+if [ -n "$RUNNING" ]; then
+ cd "$INSTALLDIR/mir"
+ sed -e "s/^GROUP=.*\$/GROUP=$TOMCATGROUP/" perms.sh-dist >perms.sh
+ chmod +x perms.sh
+ ./perms.sh
+fi
+
+checkpoint "Enabling symlinks in tomcat"
+if [ -n "$RUNNING" ]; then
+ if ! fgrep -q 'allowLinking="true"' /etc/tomcat6/context.xml
+ then
+ cp /etc/tomcat6/context.xml /etc/tomcat6/context.xml.tmp
+ sed -e 's/<Context/<Context allowLinking="true"/;' /etc/tomcat6/context.xml.tmp > /etc/tomcat6/context.xml
+ rm /etc/tomcat6/context.xml.tmp
+ fi
+fi
+
+checkpoint "Linking into Tomcat Web apps directory"
+if [ -n "$RUNNING" ]; then
+ cd "$WEBAPPSDIR"
+ ln -snf "$INSTALLDIR/mir/bin/mir" "$SITE"
+fi
+
+checkpoint "Restarting tomcat"
+if [ -n "$RUNNING" ]; then
+ if [ -x /etc/init.d/tomcat6 ]; then
+ /etc/init.d/tomcat6 force-reload
+ elif [ -x /etc/init.d/tomcat5.5 ]; then
+ /etc/init.d/tomcat5.5 force-reload
+ elif [ -x /etc/init.d/tomcat4 ]; then
+ /etc/init.d/tomcat4 force-reload
+ else
+ echo tomcat NOT reloaded, reload manually
+ fi
+fi
+
+checkpoint "All done!"