#!/bin/bash

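# Install slapd and replace its configuration and data with a fresh directory
# built from install_utils/schema.ldiff and install_utils/db.ldiff.
#
# Arguments: $1 - clear-text LDAP admin password
#            $2 - base DN that replaces "dc=example,dc=org" in the templates
# Returns:   0 on success, non-zero when an argument is missing or a step that
#            produces the new configuration fails.
#
# DESTRUCTIVE: everything under /etc/ldap/slapd.d and /var/lib/ldap is removed.
# The new LDIF files are therefore generated and checked *before* the wipe.
setup_ldap() {
	if [ -z "$1" ] || [ -z "$2" ]; then
		echo "setup_ldap : mot de passe et dn ldap requis" >&2
		return 1
	fi

	# Subshell: keeps the working variables (including the password hash) out
	# of the global scope and lets an EXIT trap remove the temporary files on
	# every exit path.
	(
		ldap_password=$1
		ldap_dn=$2

		apt-get -y install slapd || exit 1

		# Private directory (mktemp -d creates it mode 0700) instead of the
		# fixed names /tmp/db and /tmp/schema, which any local user could
		# pre-create or read while this runs as root.
		workdir=$(mktemp -d) || exit 1
		trap 'rm -rf -- "$workdir"' EXIT

		echo "Hashage du mot de passe ldap..."
		# Hand the secret to slappasswd through a file rather than "-s", so
		# it does not show up in the process list. No trailing newline is
		# written: the file content is hashed as-is.
		printf '%s' "$ldap_password" > "$workdir/secret" || exit 1
		hashed_ldap_passwd=$(slappasswd -T "$workdir/secret") || exit 1
		[ -n "$hashed_ldap_passwd" ] || exit 1
		# The hash is deliberately not printed: it would end up in terminal
		# scrollback and any captured installer output.

		echo "Formatage des fichiers de config ldap"
		# Escape the characters that are special on the replacement side of
		# "s|...|...|" so the DN and the hash are inserted literally.
		escaped_dn=$(printf '%s' "$ldap_dn" | sed -e 's#[\\&|]#\\&#g') || exit 1
		escaped_hash=$(printf '%s' "$hashed_ldap_passwd" | sed -e 's#[\\&|]#\\&#g') || exit 1
		for ldif in db schema; do
			sed -e 's|dc=example,dc=org|'"$escaped_dn"'|g' \
				-e 's|FILL_IT|'"$escaped_hash"'|g' \
				"install_utils/$ldif.ldiff" > "$workdir/$ldif" || exit 1
		done

		echo "Destruction config ldap existante"
		service slapd stop
		rm -rf /etc/ldap/slapd.d/*
		rm -rf /var/lib/ldap/*

		echo "Ecriture de la configuration actuelle"
		slapadd -n 0 -l "$workdir/schema" -F /etc/ldap/slapd.d/ || exit 1
		slapadd -n 1 -l "$workdir/db" || exit 1

		echo "Reparation des permissions et redémarage de slapd"
		# slapadd ran as root; give the files back to the slapd account.
		chown -R openldap:openldap /etc/ldap/slapd.d
		chown -R openldap:openldap /var/lib/ldap
		service slapd start
	)
}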


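# Escape $1 for the replacement side of a sed "s|...|...|" command, so that
# "\", "&" and "|" in passwords, paths or host names are inserted literally.
_re2o_sed_escape() {
	printf '%s' "$1" | sed -e 's#[\\&|]#\\&#g'
}

# Replace every match of the sed pattern $1 with the literal value $2 in file $3.
_re2o_fill() {
	local escaped
	escaped=$(_re2o_sed_escape "$2") || return 1
	sed -i -e 's|'"$1"'|'"$escaped"'|g' -- "$3"
}

# Quote $1 for use inside a single-quoted SQL string literal. With $2 = mysql
# backslashes are doubled as well, since MySQL treats them as escapes by default.
_re2o_sql_literal() {
	if [ "$2" = mysql ]; then
		printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e "s/'/''/g"
	else
		printf '%s' "$1" | sed -e "s/'/''/g"
	fi
}

# Show a dialog menu (backtitle $1, title $2, prompt $3, then tag/label pairs)
# and print the selected tag on stdout.
_re2o_ask_menu() {
	local backtitle=$1 title=$2 prompt=$3
	shift 3
	dialog --clear --backtitle "$backtitle" --title "$title" \
		--menu "$prompt" 15 40 4 "$@" 2>&1 >/dev/tty
}

# Ask for one line of text (backtitle $1, title $2) and print it on stdout.
_re2o_ask_text() {
	dialog --title "$2" --backtitle "$1" --inputbox "$2" 15 40 2>&1 >/dev/tty
}

# Same as _re2o_ask_text for a secret: the typed value is masked with asterisks.
_re2o_ask_secret() {
	dialog --title "$2" --backtitle "$1" --insecure --passwordbox "$2" 15 40 2>&1 >/dev/tty
}

# Block until the operator answers y (continue) or n (leave the installer).
_re2o_confirm_or_exit() {
	local choice
	while true; do
		# A closed stdin would otherwise loop forever on "invalid".
		read -r -p "Continue (y/n)?" choice || exit 1
		case "$choice" in
			y|Y) break ;;
			n|N) exit ;;
			*) echo "invalid" ;;
		esac
	done
}

# Interactive first-time installation of re2o on the current host.
#
# Asks (through dialog) for the database engine and location, the local domain,
# the SQL and LDAP credentials, the mail relay and the web server, then installs
# the packages, creates the database, sets up LDAP (locally through setup_ldap),
# writes re2o/settings_local.py, runs the Django migrations and configures
# apache2. Takes no arguments. Returns non-zero when an answer cannot be used
# safely (invalid domain, invalid SQL identifier, empty local LDAP password,
# empty generated secret key).
#
# The answers are supplied by the operator running the installer, but they are
# spliced into SQL statements, sed programs and command lines, so they are
# validated or escaped before use.
install_re2o_server() {
	local backtitle="Preconfiguration re2o"
	local menu_text="Choisir une option"
	local hostname_re='^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*$'
	local ident_re='^[A-Za-z_][A-Za-z0-9_]*$'
	local settings=re2o/settings_local.py
	local apache_conf=/etc/apache2/sites-available/re2o.conf
	local sql_bdd_type sql_is_local sql_password sql_login sql_name sql_host
	local sql_login_lit sql_password_my sql_password_pg
	local mysql_command pgsql_command1 pgsql_command2 pgsql_command3 pg_cmd
	local extension_locale ldap_dn label
	local -a extension_locale_array
	local ldap_is_local ldap_password ldap_cn ldap_host
	local email_host email_port django_secret_key
	local web_serveur url_server is_tls

	printf '%s\n' "Installation de Re2o ! " \
		"Cet utilitaire va procéder à l'installation initiale de re2o. Le serveur présent doit être vierge." \
		"Preconfiguration..."

	export DEBIAN_FRONTEND=noninteractive

	apt-get -y install sudo dialog

	sql_bdd_type=$(_re2o_ask_menu "$backtitle" "Choix du moteur bdd" "$menu_text" \
		1 "mysql" 2 "postgresql")
	clear

	extension_locale=$(_re2o_ask_text "$backtitle" "Extension locale (ex : example.org)")
	clear
	# An empty or malformed domain would yield an empty or malformed base DN,
	# which is later used to rebuild the LDAP directory from scratch.
	if ! [[ $extension_locale =~ $hostname_re ]]; then
		echo "Extension locale invalide : '$extension_locale'" >&2
		return 1
	fi

	# example.org -> dc=example,dc=org
	IFS='.' read -r -a extension_locale_array <<< "$extension_locale"
	ldap_dn=""
	for label in "${extension_locale_array[@]}"; do
		ldap_dn+="dc=$label,"
	done
	ldap_dn=${ldap_dn%,}
	printf '%s\n' "$ldap_dn"

	sql_is_local=$(_re2o_ask_menu "$backtitle" "Emplacement de la bdd" "$menu_text" \
		1 "Local" 2 "Distant")
	clear

	sql_password=$(_re2o_ask_secret "$backtitle" "Mot de passe sql")
	clear

	if [ "$sql_is_local" = 2 ]; then
		sql_login=$(_re2o_ask_text "$backtitle" "Login sql")
		clear
		sql_name=$(_re2o_ask_text "$backtitle" "Nom de la bdd sql")
		clear
		sql_host=$(_re2o_ask_text "$backtitle" "Hote de la base de donnée")
		clear
	else
		sql_name="re2o"
		sql_login="re2o"
		sql_host="localhost"
	fi

	# The database name is used unquoted in both engines, the login is used
	# unquoted in the PostgreSQL statements: only accept plain identifiers.
	if ! [[ $sql_name =~ $ident_re ]]; then
		echo "Nom de bdd invalide : '$sql_name'" >&2
		return 1
	fi
	if [ "$sql_bdd_type" != 1 ] && ! [[ $sql_login =~ $ident_re ]]; then
		echo "Login sql invalide : '$sql_login'" >&2
		return 1
	fi

	# Values that land inside '...' SQL literals are escaped so that a quote in
	# the password cannot terminate the literal and change the statement.
	sql_login_lit=$(_re2o_sql_literal "$sql_login" mysql)
	sql_password_my=$(_re2o_sql_literal "$sql_password" mysql)
	# NOTE(review): assumes PostgreSQL's standard_conforming_strings is on
	# (backslashes literal inside '...') — confirm on the target server.
	sql_password_pg=$(_re2o_sql_literal "$sql_password")

	printf -v mysql_command '%s\n%s\n%s\n%s' \
		"CREATE DATABASE $sql_name collate='utf8_general_ci';" \
		"CREATE USER '$sql_login_lit'@'localhost' IDENTIFIED BY '$sql_password_my';" \
		"GRANT ALL PRIVILEGES ON $sql_name.* TO '$sql_login_lit'@'localhost';" \
		"FLUSH PRIVILEGES;"

	pgsql_command1="CREATE DATABASE $sql_name ENCODING 'UTF8' LC_COLLATE='fr_FR.UTF-8' LC_CTYPE='fr_FR.UTF-8';"
	pgsql_command2="CREATE USER $sql_login with password '$sql_password_pg';"
	pgsql_command3="ALTER DATABASE $sql_name owner to $sql_login;"

	ldap_is_local=$(_re2o_ask_menu "$backtitle" "Emplacement du ldap" "$menu_text" \
		1 "Local" 2 "Distant")

	echo "Vous devrez fournir un login/host dans le cas où le ldap est non local"

	ldap_password=$(_re2o_ask_secret "$backtitle" "Mot de passe ldap")
	clear
	# The remote LDAP questions are asked once (the earlier version repeated
	# this whole block after the mail questions).
	if [ "$ldap_is_local" = 2 ]; then
		ldap_cn=$(_re2o_ask_text "$backtitle" "Cn ldap admin")
		clear
		ldap_host=$(_re2o_ask_text "$backtitle" "Hote ldap")
		clear
	else
		ldap_cn="cn=admin,$ldap_dn"
		ldap_host="localhost"
	fi

	email_host=$(_re2o_ask_text "$backtitle" "Hôte pour l'envoi de mail")

	email_port=$(_re2o_ask_menu "$backtitle" "Port du serveur mail" "$menu_text" \
		25 "25 (SMTP)" 465 "465 (SMTPS)" 587 "587 (Submission)")
	clear

	echo "Installation des paquets de base"
	apt-get -y install python3-django python3-dateutil texlive-latex-base texlive-fonts-recommended python3-djangorestframework python3-django-reversion python3-pip libsasl2-dev libldap2-dev libssl-dev
	# NOTE(review): unpinned packages installed from the package index as
	# root; consider pinning versions (and hashes) for reproducible installs.
	pip3 install django-bootstrap3
	pip3 install django-ldapdb
	pip3 install django-macaddress

	if [ "$sql_bdd_type" = 1 ]; then
		apt-get -y install python3-mysqldb mysql-client
		if [ "$sql_is_local" = 1 ]; then
			apt-get -y install mysql-server
			mysql -u root --execute="$mysql_command"
		else
			echo "Veuillez saisir la commande suivante sur le serveur sql distant, puis validez"
			# Shows the SQL password in clear: the operator has to run this
			# statement by hand on the remote server.
			printf '%s\n' "$mysql_command"
			_re2o_confirm_or_exit
		fi
	else
		apt-get -y install postgresql-client
		apt-get -y install python3-psycopg2
		if [ "$sql_is_local" = 1 ]; then
			apt-get -y install postgresql
			sudo -u postgres psql --command="$pgsql_command1"
			sudo -u postgres psql --command="$pgsql_command2"
			sudo -u postgres psql --command="$pgsql_command3"
		else
			echo "Veuillez saisir la commande suivante sur le serveur sql distant, puis validez"
			# %q prints each statement shell-quoted so the line can be pasted.
			for pg_cmd in "$pgsql_command1" "$pgsql_command2" "$pgsql_command3"; do
				printf 'sudo -u postgres psql --command=%q\n' "$pg_cmd"
			done
			_re2o_confirm_or_exit
		fi
	fi

	if [ "$ldap_is_local" = 1 ]; then
		# setup_ldap wipes the local directory; do not start it without a password.
		if [ -z "$ldap_password" ]; then
			echo "Mot de passe ldap vide" >&2
			return 1
		fi
		setup_ldap "$ldap_password" "$ldap_dn"
	else
		echo "Vous devrez manuellement effectuer les opérations de setup de la base ldap sur le serveurs distant."
		# Prints the LDAP password in clear, shell-quoted, for the operator.
		printf 'Lancez la commande : ./install_re2o.sh ldap %q %q\n' "$ldap_password" "$ldap_dn"
	fi

	echo "Ecriture de settings_local"

	# python3 is the interpreter installed above; a missing "python" binary
	# would silently produce an empty SECRET_KEY.
	django_secret_key=$(python3 -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(50)]))")
	if [ -z "$django_secret_key" ]; then
		echo "Impossible de générer la clé secrète django" >&2
		return 1
	fi

	cp re2o/settings_local.example.py "$settings" || return 1
	# NOTE(review): this file receives the SQL password, the LDAP password and
	# the Django secret key and is created with the current umask; restrict
	# its mode/owner once the account running Django is known. Values
	# containing quote characters may also need escaping for the Python
	# syntax of the template, which is not visible here.
	if [ "$sql_bdd_type" = 1 ]; then
		_re2o_fill 'db_engine' 'django.db.backends.mysql' "$settings"
	else
		_re2o_fill 'db_engine' 'django.db.backends.postgresql_psycopg2' "$settings"
	fi
	# Order matters: "ldap_dn" and "dc=example,dc=org" are replaced before
	# the shorter "example.org" pattern.
	_re2o_fill 'SUPER_SECRET_KEY' "$django_secret_key" "$settings"
	_re2o_fill 'SUPER_SECRET_DB' "$sql_password" "$settings"
	_re2o_fill 'db_name_value' "$sql_name" "$settings"
	_re2o_fill 'db_user_value' "$sql_login" "$settings"
	_re2o_fill 'db_host_value' "$sql_host" "$settings"
	_re2o_fill 'ldap_dn' "$ldap_cn" "$settings"
	_re2o_fill 'SUPER_SECRET_LDAP' "$ldap_password" "$settings"
	_re2o_fill 'ldap_host_ip' "$ldap_host" "$settings"
	_re2o_fill 'dc=example,dc=org' "$ldap_dn" "$settings"
	_re2o_fill 'example.org' "$extension_locale" "$settings"
	_re2o_fill 'MY_EMAIL_HOST' "$email_host" "$settings"
	_re2o_fill 'MY_EMAIL_PORT' "$email_port" "$settings"

	echo "Application des migrations"
	python3 manage.py migrate

	echo "Collecte des statics"
	python3 manage.py collectstatic

	backtitle="Fin de l'installation"
	web_serveur=$(_re2o_ask_menu "$backtitle" "Serveur web à utiliser" "$menu_text" \
		1 "apache2" 2 "nginx")
	clear

	url_server=$(_re2o_ask_text "$backtitle" "Url où servir le serveur web (ex : re2o.example.org)")
	clear

	is_tls=$(_re2o_ask_menu "$backtitle" "Utiliser tls et générer automatiquement le certificat LE ?" "$menu_text" \
		1 "Oui" 2 "Non")
	clear

	_re2o_fill 'URL_SERVER' "$url_server" "$settings"

	if [ "$web_serveur" = 1 ]; then
		apt-get -y install apache2 libapache2-mod-wsgi-py3
		a2enmod ssl
		a2enmod wsgi
		if [ "$is_tls" = 1 ]; then
			cp install_utils/apache2/re2o-tls.conf "$apache_conf"
			apt-get -y install certbot
			apt-get -y install python-certbot-apache
			certbot certonly --rsa-key-size 4096 --apache -d "$url_server"
			_re2o_fill 'LE_PATH' "$url_server" "$apache_conf"
		else
			cp install_utils/apache2/re2o.conf "$apache_conf"
		fi
		rm -f -- /etc/apache2/sites-enabled/000-default.conf
		# LE_PATH is replaced above, before the shorter PATH placeholder.
		_re2o_fill 'URL_SERVER' "$url_server" "$apache_conf"
		_re2o_fill 'PATH' "$(pwd)" "$apache_conf"
		a2ensite re2o
		service apache2 reload
	else
		echo "Nginx non supporté, vous devrez installer manuellement"
	fi

	python3 manage.py createsuperuser

}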

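# Entry point dispatcher.
#
# Arguments: none               - run the full interactive installation
#            ldap PASSWORD DN   - only (re)build the local LDAP directory
# Any other argument list is rejected with a non-zero exit status. Both
# PASSWORD and DN are required: setup_ldap wipes the existing directory, so it
# must never be started with an empty base DN.
main_function() {
	if [ -z "$1" ]; then
		install_re2o_server
		return
	fi

	case "$1" in
		ldap)
			if [ -n "$2" ] && [ -n "$3" ]; then
				echo Installation du ldap
				# Quoted so a password containing spaces or glob
				# characters reaches setup_ldap unchanged.
				setup_ldap "$2" "$3"
			else
				echo "Arguments invalides !" >&2
				exit 1
			fi
			;;
		*)
			echo "Arguments invalides !" >&2
			exit 1
			;;
	esac
}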

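# Forward the arguments quoted: unquoted $1 $2 $3 would split a password that
# contains whitespace and expand glob characters in it.
main_function "$@"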