From 0f54d72eb8bb97dc1d23c2ce0744767a4de0aeb9 Mon Sep 17 00:00:00 2001 From: ianb Date: Sun, 18 Jan 2009 04:28:49 +0000 Subject: [PATCH] * scripts/mir-setup/mir-setup: + When getting DB name/user/pass, use shell variables rather than hardcoded uk. + Create $USER and $TOMCATGROUP, add $USER and $TOMCATUSER to $TOMCATGROUP. + if $MIRGITROOT or $SITEGITROOT are defined, checkout mir or site from git instead of CVS. + Download cities.inc. + Configure temporary SSL snake-oil cert. + Create links in $INSTALLDIR/mir/lib to needed jar files: * servlet-2.3: link to /usr/share/java * rt: link to /etc/mir-setup/lib. This is so mir-choose-java can change that link rather than making changes in several places. + Pass TOMCAT_HOME to ant. + Fixup jar links in mir deployment to match config above. + Create empty abuse.properties. + Restart tomcat. * README: updated to mention mir-prepare and conf/tomcat4. --- scripts/mir-setup/README | 14 ++++- scripts/mir-setup/mir-setup | 137 ++++++++++++++++++++++++++++++++++++-------- 2 files changed, 124 insertions(+), 27 deletions(-) diff --git a/scripts/mir-setup/README b/scripts/mir-setup/README index 8f81d2c3..c1c2c631 100755 --- a/scripts/mir-setup/README +++ b/scripts/mir-setup/README @@ -1,4 +1,4 @@ -$Id: README,v 1.1.2.1 2006/11/11 12:52:05 zak Exp $ +$Id: README,v 1.1.2.2 2009/01/18 04:28:49 ianb Exp $ The mir-setup script was developed initially on pulp (the UK development server) and then on traven. It hasn't been @@ -10,7 +10,7 @@ for more information on setting up sites with this script. The files in this directory should be installed as follows: -mir/scripts/ +mir/scripts/mir-setup/ mir-setup -> /usr/local/sbin/ munge_config_file.pl -> /usr/local/share/mir-setup/ conf/* -> /etc/mir-setup/ @@ -19,5 +19,15 @@ If you choose different locations (for example running the script direct from the CVS checkout, you'll need to modify CONFDIR (in mir-setup itself) and/or SHAREDIR (in conf/config) accordingly. +If you run ./mir-prepare direct from the mir/scripts/mir-setup/ +directory of the source tree, it will install and configure apache, +java, tomcat, etc. ready for you to set up sites with mir-setup. It +will also install mir-setup as detailed above. + +mir-prepare and the config files in conf/ assume you are using tomcat5.5. +If you are still using tomcat4, use the config files in conf/tomcat4, +and beware that mir-prepare may need changes. mir-setup should +still work with tomcat4. + Note that this script has only been used with the MIR_1_1 branch so far. diff --git a/scripts/mir-setup/mir-setup b/scripts/mir-setup/mir-setup index e08f9da9..401567ea 100755 --- a/scripts/mir-setup/mir-setup +++ b/scripts/mir-setup/mir-setup @@ -1,5 +1,5 @@ #!/bin/bash -# $Id: mir-setup,v 1.2.2.1 2006/11/11 12:52:05 zak Exp $ +# $Id: mir-setup,v 1.2.2.2 2009/01/18 04:28:49 ianb Exp $ # Script to install a new Mir site @@ -30,11 +30,11 @@ manage() { ( source "$CONFDIR/tomcat-manager.conf" - + if [ -z "$TOMCAT_MANAGER_URL" ]; then die "No TOMCAT_MANAGER_URL specified"; fi - + echo "$TOMCAT_MANAGER_URL/html/$1?path=/$2" | wget -q -O /dev/null -i - - ) + ) } usage() { @@ -73,7 +73,7 @@ case "$ACTION" in exit 0 ;; esac - + if [ -z "$CONFIGFILE" ]; then optdie "$PROG: no site config file; use -f"; fi source "$CONFIGFILE" @@ -100,10 +100,10 @@ if [ -n "$SHAREDB" ]; then if [ -n "$DBNAME" ]; then optdie "$PROG: SHAREDB and DBNAME set"; fi if [ -n "$DBUSER" ]; then optdie "$PROG: SHAREDB and DBUSER set"; fi if [ -n "$DBPASS" ]; then optdie "$PROG: SHAREDB and DBPASS set"; fi - - DBNAME="`perl -ne 'if (/\s*Database\.Name\s*=\s*(\S+)/) { print "$1\n" }' /mir/uk/setup_uk/etc/config.properties`" - DBUSER="`perl -ne 'if (/\s*Database\.Username\s*=\s*(\S+)/) { print "$1\n" }' /mir/uk/setup_uk/etc/config.properties`" - DBPASS="`perl -ne 'if (/\s*Database\.Password\s*=\s*(\S+)/) { print "$1\n" }' /mir/uk/setup_uk/etc/config.properties`" + + DBNAME="`perl -ne 'if (/\s*Database\.Name\s*=\s*(\S+)/) { print "$1\n" }' "$INSTALLDIR/$SITEOVERLAYDIR/etc/config.properties"`" + DBUSER="`perl -ne 'if (/\s*Database\.Username\s*=\s*(\S+)/) { print "$1\n" }' "$INSTALLDIR/$SITEOVERLAYDIR/etc/config.properties"`" + DBPASS="`perl -ne 'if (/\s*Database\.Password\s*=\s*(\S+)/) { print "$1\n" }' "$INSTALLDIR/$SITEOVERLAYDIR/etc/config.properties"`" else if [ -z "$DBNAME" ]; then DBNAME="$SITE"; fi if [ -z "$DBUSER" ]; then DBUSER="$SITE"; fi @@ -133,6 +133,22 @@ checkpoint() fi } +checkpoint "Create user $USER and groups" +if [ -n "$RUNNING" ]; then + if ! id $USER >/dev/null 2>&1 ;then + adduser --disabled-login --gecos "$SITE mir user,,," $USER + fi + if ! getent group $TOMCATGROUP >/dev/null 2>&1 ;then + addgroup $TOMCATGROUP + fi + if id $TOMCATUSER >/dev/null 2>&1 ;then + adduser $TOMCATUSER $TOMCATGROUP + else + die "User $TOMCATUSER does not exist" + fi + adduser $USER $TOMCATGROUP +fi + checkpoint "Prepare install directory: $INSTALLDIR" if [ -n "$RUNNING" ]; then mkdir -p "$INSTALLDIR" @@ -140,17 +156,38 @@ if [ -n "$RUNNING" ]; then chmod g+s "$INSTALLDIR" fi -checkpoint "Check out Mir [$MIRVERSION] from $MIRCVSROOT" -if [ -n "$RUNNING" ]; then - cd "$INSTALLDIR" - sudo -u "$USER" cvs -z3 -d"$MIRCVSROOT" checkout $MIRVERSIONOPT mir - chown -R "$OWNER" mir +if [ -n "$MIRGITROOT" ]; then + checkpoint "Check out Mir [$MIRVERSION] from git $MIRGITROOT" + if [ -n "$RUNNING" ]; then + cd "$INSTALLDIR" + sudo -u "$USER" git clone "$MIRGITROOT" + sudo -u "$USER" sh -c "(cd mir && git checkout $MIRVERSION)" + chown -R "$OWNER" mir + fi +else + checkpoint "Check out Mir [$MIRVERSION] from CVS $MIRCVSROOT" + if [ -n "$RUNNING" ]; then + cd "$INSTALLDIR" + sudo -u "$USER" cvs -z3 -d"$MIRCVSROOT" checkout $MIRVERSIONOPT mir + chown -R "$OWNER" mir + fi fi -checkpoint "Check out site templates [$SITEVERSION] from $SITECVSROOT" -if [ -n "$RUNNING" ]; then - cd "$INSTALLDIR" - sudo -u "$USER" cvs -z3 -d"$SITECVSROOT" checkout $SITEVERSIONOPT "$SITEOVERLAYDIR" - chown -R "$OWNER" "$SITEOVERLAYDIR" + +if [ -n "$SITEGITROOT" ]; then + checkpoint "Check out site templates [$SITEVERSION] from git $SITEGITROOT" + if [ -n "$RUNNING" ]; then + cd "$INSTALLDIR" + sudo -u "$USER" git clone "$SITEGITROOT" + sudo -u "$USER" sh -c "(cd $SITEOVERLAYDIR && git checkout $SITEGITVERSION)" + chown -R "$OWNER" "$SITEOVERLAYDIR" + fi +else + checkpoint "Check out site templates [$SITEVERSION] from CVS $SITECVSROOT" + if [ -n "$RUNNING" ]; then + cd "$INSTALLDIR" + sudo -u "$USER" cvs -z3 -d"$SITECVSROOT" checkout $SITEVERSIONOPT "$SITEOVERLAYDIR" + chown -R "$OWNER" "$SITEOVERLAYDIR" + fi fi checkpoint "Prepare production directory: $PRODUCTIONDIR" @@ -189,6 +226,13 @@ if [ -n "$RUNNING" ]; then munge_config_file "$CONFDIR/robots.txt" "$PRODUCTIONDIR/robots.txt" fi +checkpoint "Fetch cities.inc" +if [ -n "$RUNNING" ]; then + wget -O - http://www.indymedia.org/cities.inc | + sed -e 's/
/
/gi' > "$PRODUCTIONDIR/cities.inc" + chown $USER:$TOMCATGROUP "$PRODUCTIONDIR/cities.inc" +fi + checkpoint "Install site-specific Apache configuration file (non-SSL)" if [ -n "$RUNNING" ]; then mkdir -p "$APACHECONFDIR" @@ -207,6 +251,14 @@ if [ -n "$RUNNING" ]; then munge_config_file "$CONFDIR/site-ssl-httpd-fragment.conf" "$APACHECONFDIR/ssl-fragments/$SITE.conf" fi +checkpoint "Configure temporary snake-oil SSL cert" +if [ -n "$RUNNING" ]; then + if [ ! -f /etc/apache2/ssl/$SECUREFQDN.crt ]; then + ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/apache2/ssl/$SECUREFQDN.crt + ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/apache2/ssl/$SECUREFQDN.key + fi +fi + checkpoint "Restart Apache with new configuration" if [ -n "$RUNNING" ]; then "$APACHECTL" configtest @@ -233,7 +285,7 @@ CREATE USER $DBUSER WITH PASSWORD '$DBPASS' NOCREATEDB NOCREATEUSER; UPDATE pg_database SET datdba=(SELECT usesysid FROM pg_user WHERE usename='$DBUSER') WHERE datname='$DBNAME'; EOF fi - + if [ -n "$DBDUMP" ]; then checkpoint "Import database dump" if [ -n "$RUNNING" ]; then @@ -261,17 +313,41 @@ EOF fi fi -checkpoint "Install config.properties" +checkpoint "Creating links to needed jar files in mir/lib" +if [ -n "$RUNNING" ]; then + if [ -f /usr/share/java/servlet-2.3.jar ]; then + ln -sf /usr/share/java/servlet-2.3.jar "$INSTALLDIR/mir/lib" + else + die "/usr/share/java/servlet-2.3.jar not found" + fi + ln -sf /etc/mir-setup/lib/rt.jar "$INSTALLDIR/mir/lib" +fi + +checkpoint "Installing config.properties" if [ -n "$RUNNING" ]; then - touch "$INSTALLDIR/mir/etc/config.properties" - chmod "$PRIVMODE" "$INSTALLDIR/mir/etc/config.properties" - munge_config_file "$CONFIGPROPERTIES" "$INSTALLDIR/mir/etc/config.properties" + PROPERTIESFILE="$INSTALLDIR/mir/etc/config.properties" + touch "$PROPERTIESFILE" + chmod "$PRIVMODE" "$PROPERTIESFILE" + munge_config_file "$CONFIGPROPERTIES" "$PROPERTIESFILE" fi checkpoint "Running ant to build Mir" if [ -n "$RUNNING" ]; then cd "$INSTALLDIR/mir" - sudo -u "$USER" ant + sudo -u "$USER" TOMCAT_HOME="$TOMCAT_HOME" ant +fi + +checkpoint "Fixing up jar links in mir deployment" +if [ -n "RUNNING" ]; then + rm -f "$INSTALLDIR/mir/bin/mir/WEB-INF/lib/rt.jar" + rm -f "$INSTALLDIR/mir/bin/mir/WEB-INF/lib/servlet-2.3.jar" + ln -sf /usr/share/java/servlet-2.3.jar "$INSTALLDIR/mir/bin/mir/WEB-INF/lib" + ln -sf /etc/mir-setup/lib/rt.jar "$INSTALLDIR/mir/bin/mir/WEB-INF/lib" +fi + +checkpoint "Creating empty abuse.properties" +if [ -n "$RUNNING" ]; then + touch "$INSTALLDIR/mir/bin/mir/WEB-INF/abuse.properties" fi checkpoint "Fixing file permissions" @@ -288,4 +364,15 @@ if [ -n "$RUNNING" ]; then ln -snf "$INSTALLDIR/mir/bin/mir" "$SITE" fi +checkpoint "Restarting tomcat" +if [ -n "$RUNNING" ]; then + if [ -x /etc/init.d/tomcat5.5 ]; then + /etc/init.d/tomcat5.5 force-reload + elif [ -x /etc/init.d/tomcat4 ]; then + /etc/init.d/tomcat4 force-reload + else + echo tomcat NOT reloaded, reload manually + fi +fi + checkpoint "All done!" -- 2.11.0