#!/bin/sh # # 2017 ungleich GmbH (cdist at ungleich.ch) # 2018 ungleich glarus ag (cdist at ungleich.ch) # # This file is part of cdist. # # cdist is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # cdist is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with cdist. If not, see . # os=$(cat "$__global/explorer/os") if [ ! "$os" = "debian" -a ! "$os" = "devuan" ] then echo "OS $os is currently not supported." >&2 exit 1 fi os_version=$(cat "$__global/explorer/os_version") case "$os_version" in 8*|jessie) distribution="jessie" packages="php7.0-common php7.0-gd php7.0-json php7.0-pgsql php7.0-curl php7.0-intl php7.0-mcrypt php7.0-imagick php7.0-zip php7.0-apcu php7.0-mbstring php7.0-xml php7.0-fpm" phpv="7.0" ;; 9*|ascii|ascii/ceres) distribution="stretch" packages="php7.0-common php7.0-gd php7.0-json php7.0-pgsql php7.0-curl php7.0-intl php7.0-mcrypt php7.0-imagick php7.0-zip php7.0-apcu php7.0-mbstring php7.0-xml php7.0-fpm" phpv="7.0" ;; 10*|beowulf|beowulf/ceres) #packages="php7.3-common php7.3-gd php7.3-json php7.3-pgsql php7.3-curl php7.3-intl php7.3-mcrypt php-imagick php7.3-zip php-apcu php7.3-mbstring php7.3-xml php7.3-fpm" distribution="buster" packages="php7.3-fpm php7.3-intl php7.3-ldap php7.3-imap php7.3-gd php7.3-pgsql php7.3-curl php7.3-xml php7.3-zip php7.3-mbstring php7.3-soap php7.3-smbclient php7.3-json php7.3-gmp php7.3-bz2 php-pear" phpv="7.3" ;; *) echo "Unsupported version $os_version of $os." >&2 exit 1 ;; esac db_pass=$(cat "$__object/parameter/db-pass") db_user=$(cat "$__object/parameter/db-user") db_name=$(cat "$__object/parameter/db-name") domain=$(cat "$__object/parameter/domain") tmpdir="$__object/files" mkdir "$tmpdir" case "$os_version" in 8*|jessie|9*|ascii|ascii/ceres) __apt_key_uri dotdeb --uri https://www.dotdeb.org/dotdeb.gpg require="__apt_key_uri/dotdeb" __apt_source dotdeb --uri http://packages.dotdeb.org \ --distribution ${distribution} \ --component all require="__apt_source/dotdeb" __apt_update_index ;; esac __apt_update_index # Install packages for package in ${packages} do require="__apt_update_index" __package $package --state=present done require="__apt_update_index" __package postgresql --state=present #require="__apt_update_index" __package curl --state=present # Configure packages ## PHP 7 sed "s/VERSION/$phpv/" "$__type/files/fpm.conf" > "$tmpdir/fpm" require="__package/php${phpv}-fpm" __file /etc/php/${phpv}/fpm/pool.d/www.conf \ --owner root --group root --mode 644 --source "$tmpdir/fpm" ## Nginx ### HTTP only server to allow access __ungleich_http_server_ssl_redirect_letsencrypt --webroot /var/www/html/ "$domain" ### Get the certificates require="__ungleich_http_server_ssl_redirect_letsencrypt/$domain" \ __letsencrypt_cert --admin-email technik@ungleich.ch \ --webroot /var/www/html/ \ --renew-hook "service nginx reload" \ --domain "$domain" --automatic-renewal \ "$domain" ### The SSL configuration sed "s/DOMAIN/$domain/" "$__type/files/nextcloud.nginx" > "$tmpdir/nginx" sed -i "s/VERSION/$phpv/" "$tmpdir/nginx" require="__letsencrypt_cert/$domain __package/nginx" __file /etc/nginx/sites-enabled/nextcloud \ --owner www-data \ --group www-data \ --mode 755 \ --source "$tmpdir/nginx" ## Postgres require="__package/postgresql" __postgres_role "${db_user}" --password "${db_pass}" \ --login --createdb require="__package/postgresql __postgres_role/${db_user}" __postgres_database "${db_name}"\ --owner "${db_user}" --state present # Start on boot require="__package/postgresql" __start_on_boot postgresql require="__package/nginx" __start_on_boot nginx require="__package/php${phpv}-fpm" __start_on_boot php${phpv}-fpm