2020-09-26 16:19:37 +02:00
#!/bin/bash
#
2021-07-23 09:32:20 +02:00
# ScoDoc 8: install third-party software necessary for our installation
2020-12-15 08:50:19 +01:00
# starting for a minimal Debian (Buster, 10.0) install.
2020-09-26 16:19:37 +02:00
#
2020-12-15 08:50:19 +01:00
# E. Viennet, Jun 2008, Apr 2009, Sept 2011, Sept 2013, Nov 2013, Mar 2017, Jul 2017,
2021-07-23 09:32:20 +02:00
# Jun 2019, Oct 2019, Dec 2020, Jul 2021
2020-09-26 16:19:37 +02:00
#
2021-08-15 16:43:53 +02:00
set -euo pipefail
2021-08-02 10:34:28 +02:00
# Le répertoire de ce script:
SCRIPT_DIR = " $( cd " $( dirname " ${ BASH_SOURCE [0] } " ) " & > /dev/null && pwd ) "
source " $SCRIPT_DIR /config.sh "
source " $SCRIPT_DIR /utils.sh "
2020-09-26 16:19:37 +02:00
2021-07-25 09:51:09 +02:00
check_uid_root " $0 "
cd " $SCODOC_DIR " || die " can't cd $SCODOC_DIR "
2020-09-26 16:19:37 +02:00
# ------------ Safety checks
2021-08-17 12:18:42 +02:00
if [ " ${ debian_version } " != "11" ]
2020-09-26 16:19:37 +02:00
then
echo "Version du systeme Linux Debian incompatible"
exit 1
fi
2020-12-19 19:22:22 +01:00
if [ " $( arch) " != "x86_64" ]
2020-09-26 16:19:37 +02:00
then
echo "Version du systeme Linux Debian incompatible (pas X86 64 bits)"
exit 1
fi
2021-07-23 14:46:12 +02:00
# ------------ Unix user
check_create_scodoc_user
2021-07-25 09:51:09 +02:00
# --- Create empty .../var/ subdir
echo "Creating empty local directories..."
for d in var var/scodoc var/scodoc/archives var/scodoc/photos var/scodoc/tmp var/scodoc/config var/scodoc/config/version var/scodoc/config/depts var/scodoc/config/logos
do
[ -d " $d " ] || mkdir " $d " || die " can't create $d subdirectory "
done
2020-09-26 16:19:37 +02:00
# ------------ Permissions & directories
2021-07-23 09:32:20 +02:00
change_scodoc_file_ownership
2021-07-25 09:51:09 +02:00
set_scodoc_var_dir
2020-09-26 16:19:37 +02:00
2021-07-23 09:32:20 +02:00
# ------------ AJOUT DES PAQUETS DEBIAN NECESSAIRES
2020-09-26 16:19:37 +02:00
apt-get update
2021-07-25 09:51:09 +02:00
apt-get -y install gcc
2021-07-23 09:32:20 +02:00
apt-get -y install python3-dev
apt-get -y install python3-venv
2021-07-25 09:51:09 +02:00
apt-get -y install python3-pip
apt-get install -y python3-wheel
2021-07-23 09:32:20 +02:00
apt-get -y install libpq-dev
apt-get -y install libcrack2-dev
2020-09-26 16:19:37 +02:00
apt-get -y install postgresql
2021-07-27 14:33:11 +02:00
apt-get -y install redis
2021-07-23 09:32:20 +02:00
apt-get -y install curl
2020-09-26 16:19:37 +02:00
apt-get -y install graphviz
2021-07-27 14:33:11 +02:00
systemctl start redis
2021-07-23 14:46:12 +02:00
# ------------ CREATION DU VIRTUALENV
echo "Creating python3 virtualenv..."
python3 -m venv venv || die "can't create Python 3 virtualenv"
2021-07-23 09:32:20 +02:00
# ------------ INSTALL DES PAQUETS PYTHON (3.7)
2021-07-11 13:03:13 +02:00
# ScoDoc8 uses pip in our env
2021-07-23 09:32:20 +02:00
source venv/bin/activate
2021-08-17 12:18:42 +02:00
# pip install --upgrade pip => bug [Errno 39] Directory not empty: '_internal'
2021-07-23 09:32:20 +02:00
pip install wheel
pip install -r requirements-3.7.txt
2020-09-26 16:19:37 +02:00
# ------------
2021-07-23 09:32:20 +02:00
GITCOMMIT = $( git rev-parse HEAD)
SVERSION = $( curl --silent http://scodoc.iutv.univ-paris13.fr/scodoc-installmgr/version?mode= install\& commit = " $GITCOMMIT " )
2020-12-19 19:22:22 +01:00
echo " $SVERSION " > " ${ SCODOC_VERSION_DIR } /scodoc.sn "
2020-09-26 16:19:37 +02:00
# ------------ POSTFIX
echo
echo "ScoDoc a besoin de pouvoir envoyer des messages par mail."
echo -n "Voulez vous configurer la messagerie (tres recommande) ? (y/n) [y] "
2020-12-19 19:22:22 +01:00
read -r ans
2020-09-26 16:19:37 +02:00
if [ " $( norm_ans " $ans " ) " != 'N' ]
then
apt-get -y install postfix
fi
# ------------ CONFIG FIREWALL (non teste en Debian 10)
echo
echo "Le firewall aide a proteger votre serveur d'intrusions indesirables."
echo -n "Voulez vous configurer un firewall minimal (ufw) ? (y/n) [n] "
2020-12-19 19:22:22 +01:00
read -r ans
2020-09-26 16:19:37 +02:00
if [ " $( norm_ans " $ans " ) " = 'Y' ]
then
echo 'Installation du firewall IP ufw (voir documentation Debian)'
echo ' on autorise les connexions ssh et https'
apt-get -y install ufw
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow https
yes | ufw enable
fi
2021-08-09 08:25:33 +02:00
# --- POSTGRESQL
# --- Ensure postgres user "scodoc" ($POSTGRES_USER) exists
init_postgres_user
2021-07-23 09:32:20 +02:00
# --- XXX XXX XXX XXX XXX XXX XXX XXX XXX XXX XXX XXX ---
echo
echo "WARNING: version ScoDoc8 expérimentale"
echo "Ne pas utiliser en production !"
echo
echo "Pour lancer le serveur de développement: voir README"
exit 0
# --- XXX XXX XXX XXX XXX XXX XXX XXX XXX XXX XXX XXX ---
2020-09-26 16:19:37 +02:00
# Nota: after this point, the network _may_ be unreachable
# (if firewall config is wrong)
2021-07-23 09:32:20 +02:00
# ------------ CONFIG NGINX
2020-09-26 16:19:37 +02:00
a2enmod ssl
a2enmod proxy
a2enmod proxy_http
a2enmod rewrite
echo
echo "La configuration du serveur web va modifier votre installation Apache pour supporter ScoDoc."
echo -n "Voulez vous configurer le serveur web Apache maintenant (tres conseille) ? (y/n) [y] "
2020-12-19 19:22:22 +01:00
read -r ans
2020-09-26 16:19:37 +02:00
if [ " $( norm_ans " $ans " ) " != 'N' ]
then
echo "Configuration d'Apache"
server_name = ""
2020-12-19 19:22:22 +01:00
while [ -z " $server_name " ]
2020-09-26 16:19:37 +02:00
do
echo "Le nom de votre serveur doit normalement etre connu dans le DNS."
echo -n "Nom complet de votre serveur (exemple: notes.univ.fr): "
2020-12-19 19:22:22 +01:00
read -r server_name
2020-09-26 16:19:37 +02:00
done
# --- CERTIFICATS AUTO-SIGNES
echo
echo "Il est possible d'utiliser des certificats cryptographiques"
echo "auto-signes, qui ne seront pas reconnus comme de confiance"
echo "par les navigateurs, mais offrent une certaine securite."
echo -n 'Voulez vous generer des certificats ssl auto-signes ? (y/n) [y] '
2020-12-19 19:22:22 +01:00
read -r ans
2020-09-26 16:19:37 +02:00
if [ " $( norm_ans " $ans " ) " != 'N' ]
then
# attention: utilise dans scodoc-site-ssl.orig
ssl_dir = /etc/apache2/scodoc-ssl
if [ ! -e $ssl_dir ]
then
mkdir $ssl_dir
fi
/usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf $ssl_dir /apache.pem
cert_status = $?
else
cert_status = -1
fi
# ---
echo 'generation de /etc/apache2/sites-available/scodoc-site-ssl'
2021-07-21 22:32:30 +02:00
cat " $SCODOC_DIR " /tools/etc/scodoc-site-ssl-apache2.4.orig | sed -e " s:YOUR\.FULL\.HOST\.NAME: $server_name :g " > /etc/apache2/sites-available/scodoc-site-ssl.conf
2020-09-26 16:19:37 +02:00
echo 'activation du site...'
a2ensite scodoc-site-ssl
echo 'Remplacement du site Apache par defaut (sic ! old saved as .bak)'
fn = /etc/apache2/sites-available/000-default.conf
if [ -e $fn ]
then
mv $fn $fn .bak
fi
2021-07-21 22:32:30 +02:00
cp " $SCODOC_DIR " /tools/etc/scodoc-site.orig $fn
2020-09-26 16:19:37 +02:00
if [ -z " $( grep Listen /etc/apache2/ports.conf | grep 443) " ]
then
echo 'adding port 443'
echo 'Listen 443' >> /etc/apache2/ports.conf
fi
echo 'configuring Apache proxy'
mv /etc/apache2/mods-available/proxy.conf /etc/apache2/mods-available/proxy.conf.bak
cat > /etc/apache2/mods-available/proxy.conf <<EOF
<IfModule mod_proxy.c>
# Proxy config for ScoDoc default installation
ProxyRequests Off
<ProxyMatch http://localhost:8080>
Order deny,allow
Allow from all
</ProxyMatch>
</IfModule>
EOF
fi
systemctl restart apache2
# ------------ CONFIG SERVICE SCODOC
echo
echo "Installer le service scodoc permet de lancer automatiquement le serveur au demarrage."
echo -n "Voulez vous installer le service scodoc ? (y/n) [y] "
read ans
if [ " $( norm_ans " $ans " ) " != 'N' ]
then
2020-12-05 17:29:26 +01:00
# ScoDoc 7.19+ uses systemd
2021-07-21 22:32:30 +02:00
$SCODOC_DIR /tools/configure_systemd.sh
2020-09-26 16:19:37 +02:00
fi
# ------------ CONFIG MISE A JOUR HEBDOMADAIRE
echo
echo -n "Mises a jour hebdomadaires (tres recommande) ? (y/n) [y] "
read ans
if [ " $( norm_ans " $ans " ) " != 'N' ]
then
2021-07-21 22:32:30 +02:00
cp " $SCODOC_DIR " /tools/etc/scodoc-updater.service /etc/systemd/system
cp " $SCODOC_DIR " /tools/etc/scodoc-updater.timer /etc/systemd/system
2020-09-26 16:19:37 +02:00
systemctl enable scodoc-updater.timer
systemctl start scodoc-updater.timer
fi
# ------------ THE END
echo
echo "Installation terminee."
echo
echo "Vous pouvez maintenant creer la base d'utilisateurs avec ./create_user_db.sh"
echo "puis creer un departement avec ./create_dept.sh"
echo "Ou bien restaurer vos donnees a partir d'une ancienne installation a l'aide du script restore_scodoc_data.sh"
2021-07-21 22:32:30 +02:00
echo "(voir https://scodoc.org/MigrationDonneesScoDoc/)"
2020-09-26 16:19:37 +02:00
echo
if [ " ${ cert_status } " != 0 ]
then
echo "Attention: le serveur Web Apache n'a pas de certificat."
echo "Il est probable qu'il ne fonctionne pas."
echo "Installez vos certificats ou generez provisoirement des certificats autosignes"
echo " avec la commande: /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf $ssl_dir /apache.pem "
echo
fi