AlternC/install/alternc.install

#!/bin/sh
#
# AlternC Main install script.
# This script should be launched only once, when installing AlternC
# on a new server. THIS SCRIPT ERASE ALL DATA ON THE AlternC SYSTEM !!
# YOU HAVE BEEN WARNED !

# This script now assumes it has MySQL connectivity through
# /etc/alternc/my.cnf

set -e 

. /usr/lib/alternc/functions.sh

#######################################################################
# Script configuration
#

# Configuration template location
TEMPLATE_DIR="/etc/alternc/templates"

# Find needed configuration files (without the initial '/')
# replace this one unconditionnally
CONFIG_FILES="etc/alternc/bureau.conf"

if [ -e /etc/bind/named.conf ]; then
    CONFIG_FILES="$CONFIG_FILES etc/bind/templates/zone.template
                  etc/bind/templates/named.template etc/bind/named.conf"
fi
if [ -e /etc/courier/authdaemonrc ]; then
    CONFIG_FILES="$CONFIG_FILES etc/courier/authdaemonrc
                  etc/courier/authmysqlrc"
fi
if [ -d /etc/postfix ]; then
    CONFIG_FILES="$CONFIG_FILES etc/postfix/myalias.cf
                  etc/postfix/mydomain.cf etc/postfix/mygid.cf
                  etc/postfix/myvirtual.cf etc/postfix/sasl/smtpd.conf"
fi
if [ -e /etc/proftpd/proftpd.conf ]; then
    CONFIG_FILES="$CONFIG_FILES etc/proftpd/proftpd.conf etc/proftpd/welcome.msg etc/proftpd/modules.conf"
fi
if [ -e /etc/squirrelmail/apache.conf ]; then
    CONFIG_FILES="$CONFIG_FILES etc/squirrelmail/apache.conf"
fi

if [ -e /etc/default/saslauthd ]; then
    CONFIG_FILES="$CONFIG_FILES etc/default/saslauthd"
fi

INSTALLED_CONFIG_TAR="/var/backups/alternc/etc-installed.tar.gz"

#######################################################################
# Look for modified configuration files
#
if [ -f "$INSTALLED_CONFIG_TAR" ]; then
    CHANGED="`env LANG=C tar -zdf "$INSTALLED_CONFIG_TAR" -C / 2> /dev/null | 
              grep -v 'postfix/main.cf' | grep -v 'Uid differs'|grep -v 'Gid differs'  |grep -v 'Mode differs' | 
              sed -e 's/^\([^:]*\).*/    \1/' | sort -u`"
    if [ ! -z "$CHANGED" ]; then
        echo "The following configuration files has changed since last AlternC"
        echo "installation :"
        echo "$CHANGED"
        echo ""
        if [ "$1" = "force" ]; then
            echo "Replacing them as you requested."
        else
            echo "These configuration files should normally be modified by"
            echo "changing the template in $TEMPLATE_DIR and then calling"
            echo "$0 to perform the update."
            echo ""
            echo "Please examine the situation closely and call '$0 force'"
            echo "if you still want to actually overwrite these files."
            exit 1
        fi
    fi
fi

#######################################################################
# Prepare template expansions
#

. /etc/alternc/local.sh

# XXX: copy-paste from debian/config
if [ -r /etc/alternc/my.cnf ]; then
    # make mysql configuration available as shell variables
    # to convert from .cnf to shell syntax, we:
    # * match only lines with "equal" in them (/=/)
    # * remove whitespace around the = and add a left quote operator ' (;s)
    # * add a right quote operator at the end of line (;s)
    # * convert mysql variables into our MYSQL_ naming convention (;s)
    # * print the result (;p)
    eval `sed -n -e "/=/{s/ *= *\"\?/='/;s/\"\?\$/'/;s/host/MYSQL_HOST/;s/user/MYSQL_USER/;s/password/MYSQL_PASS/;s/database/MYSQL_DATABASE/;p}" /etc/alternc/my.cnf`
    chown root:www-data /etc/alternc/my.cnf
    chmod 640 /etc/alternc/my.cnf
fi

WARNING="WARNING: Do not edit this file, edit the one in /etc/alternc/templates and launch alternc.install again."

VERSION="`dpkg -s alternc | sed -n -e 's/^Version: \(.*\)/\1/p'`"

# /var/alternc/dns/d/www.example.com
FQDN_LETTER="`echo $FQDN | sed -e 's/.*\.\([^\.]\)[^\.]*\.[^\.]*$/\1/'`"
if [ "$FQDN_LETTER" = "$FQDN" ] 
then
       FQDN_LETTER="_" 
fi

NS2_IP=`perl -e "\\$h = (gethostbyname(\"$NS2_HOSTNAME\"))[4];
                 @ip = unpack('C4', \\$h);
                 print join (\".\", @ip);"`

if [ ! -z "$BIND_INTERNAL" ]; then
    BIND_INTERNAL="$BIND_INTERNAL;"
fi

if [ -z "$MONITOR_IP" ]; then
    MONITOR_IP="127.0.0.1"
fi

# XXX: I assume this is secure if /tmp is sticky (+t)
# we should have a better way to deal with templating, of course.
SED_SCRIPT=`mktemp`
cat > $SED_SCRIPT <<EOF
s\\%%hosting%%\\$HOSTING\\;
s\\%%fqdn%%\\$FQDN\\;
s\\%%public_ip%%\\$PUBLIC_IP\\;
s\\%%internal_ip%%\\$INTERNAL_IP\\;
s\\%%monitor_ip%%\\$MONITOR_IP\\;
s\\%%ns1%%\\$NS1_HOSTNAME\\;
s\\%%ns2%%\\$NS2_HOSTNAME\\;
s\\%%bind_internal%%\\$BIND_INTERNAL\\;
s\\%%mx%%\\$DEFAULT_MX\\;
s\\%%dbhost%%\\$MYSQL_HOST\\;
s\\%%dbname%%\\$MYSQL_DATABASE\\;
s\\%%dbuser%%\\$MYSQL_USER\\;
s\\%%dbpwd%%\\$MYSQL_PASS\\;
s\\%%ALTERNC_LOC%%\\$ALTERNC_LOC\\;
s\\%%warning_message%%\\$WARNING\\;
s\\%%fqdn_lettre%%\\$FQDN_LETTER\\;
s\\%%version%%\\$VERSION\\;
s\\%%ns2_ip%%\\$NS2_IP\\;
EOF

#######################################################################
# Backup configuration files
#
BACKUP_FILE="/var/backups/alternc/etc-original-`date +%Y%m%d-%H%M`.tar.gz"

# Only backup what we are really going to replace
BACKUPS=""
for file in $CONFIG_FILES; do
    TEMPLATE="$TEMPLATE_DIR/${file##etc/}"
    if [ -f "$TEMPLATE" ]; then
        BACKUPS="$BACKUPS $file"
    fi
done

# also backup main.cf since we're doing major changes to it
BACKUPS="$BACKUPS etc/postfix/main.cf"
tar -zcf "$BACKUP_FILE" -C / $BACKUPS 2>/dev/null || true

#######################################################################
# Expand templates in the right place
#
echo -n "Expanding variables in configuration files:"
for file in $CONFIG_FILES; do
    TEMPLATE="$TEMPLATE_DIR/${file##etc/}"
    echo -n " $file"
    if [ -f "$TEMPLATE" ]; then
        sed -f "$SED_SCRIPT" < $TEMPLATE > /$file
    fi
done
echo "."
rm -f $SED_SCRIPT

#######################################################################
# Save installed files to check them during next install
#
tar -zcf "$INSTALLED_CONFIG_TAR" -C / $CONFIG_FILES

######################################################################## 
# Ad-hoc fixes
#

php="`ls /usr/lib/apache*/*/*php*.so | sed -e 's/^.*libphp\(.\)\.so$/php\1/' | tail -1`"
if [ -x /usr/sbin/apache ]
then
    # Enable vhost_alias apache module at the right place (ie: BEFORE mod_alias)
    if ! grep -q "vhost_alias_module" /etc/apache/modules.conf
    then
        sed -i -e 's/^\(LoadModule.*config_log.*\)$/LoadModule vhost_alias_module \/usr\/lib\/apache\/1.3\/mod_vhost_alias.so\n\1/' /etc/apache/modules.conf
    fi
    echo "LoadModule ${php}_module /usr/lib/apache/1.3/lib${php}.so" | append_no_dupe /etc/apache/modules.conf
    echo "LoadModule ${php}_module /usr/lib/apache/1.3/lib${php}.so" | append_no_dupe /etc/apache-ssl/modules.conf
    SERVICES="$SERVICES apache apache-ssl"
fi
if [ -x /usr/sbin/apache2 ] &&  ! ( [ -L /etc/apache2/mods-enabled/vhost_alias.load ] && [ -L /etc/apache2/mods-enabled/$php.load ] )
then
    a2enmod vhost_alias
    a2enmod $php
    SERVICES="$SERVICES apache2"
fi

# Copy postfix *_checks if they do not exist
for file in body_checks header_checks; do
    if [ ! -e "/etc/postfix/$file" ]; then
        cp /usr/share/alternc/install/$file /etc/postfix
    fi
done

# Attribute the correct rights to critical postfix files
if [ -e /etc/postfix/myalias.cf -o -e /etc/postfix/mydomain.cf -o -e /etc/postfix/mygid.cf -o -e /etc/postfix/myvirtual.cf ]; then
    chown root:postfix /etc/postfix/my*
    chmod 640 /etc/postfix/my*
fi

# configure postfix appropriatly for our needs"
while read line
do
   postconf -e $line
done < /etc/alternc/postfix.cf

while read line
do
   postconf -e $line
done <<EOF
myhostname = $FQDN
myorigin = $FQDN
EOF

if [ -e /etc/courier/authmysqlrc ] ; then
    chown root:root /etc/courier/authmysqlrc
    chmod 640 /etc/courier/authmysqlrc
fi

if [ -e /etc/proftpd.conf ] ; then
    chmod 640 /etc/proftpd/proftpd.conf
fi

if [ -x /usr/sbin/locale-gen ] ; then
    touch /etc/locale.gen
    LOCALECHANGED=""
    # Add de_DE ISO-8859-1, en_US ISO-8859-1, es_ES ISO-8859-1, fr_FR ISO-8859-1 to the locales : 
    if ! grep -q "^de_DE ISO-8859-1$" /etc/locale.gen ; then
	echo "de_DE ISO-8859-1" >>/etc/locale.gen
	LOCALECHANGED=1
    fi
    if ! grep -q "^en_US ISO-8859-1$" /etc/locale.gen ; then
	echo "en_US ISO-8859-1" >>/etc/locale.gen
	LOCALECHANGED=1
    fi
    if ! grep -q "^es_ES ISO-8859-1$" /etc/locale.gen ; then
	echo "es_ES ISO-8859-1" >>/etc/locale.gen
	LOCALECHANGED=1
    fi
    if ! grep -q "^fr_FR ISO-8859-1$" /etc/locale.gen ; then 
	echo "fr_FR ISO-8859-1" >>/etc/locale.gen
	LOCALECHANGED=1
    fi
    if [ "$LOCALECHANGED" ] ; then
	locale-gen
    fi
fi

#######################################################################
# Reload services
#
for service in $SERVICES postfix bind9 courier-authdaemon \
               courier-imap courier-imap-ssl courier-pop courier-pop-ssl \
               cron proftpd; do
    invoke-rc.d $service reload || true
done

#######################################################################
# Last touches
#

# Creating admin user if needed
HAS_ROOT=`mysql --defaults-file=/etc/alternc/my.cnf -e "SELECT COUNT(*) FROM membres WHERE login = 'admin' OR login = 'root' and su = 1" | tail -1`
if [ "$HAS_ROOT" != "1" ]; then
    echo "Creating admin user..."
    echo ""

    if su - www-data -c /usr/share/alternc/install/newone.php
      then
      echo "*******************************************"
      echo "*                                         *"
      echo "*               Admin account             *"
      echo "*               ------------              *"
      echo "*                                         *"
      echo "* user: admin             password: admin *"
      echo "*                                         *"
      echo "* Please change this as soon as possible! *"
      echo "*                                         *"
      echo "*******************************************"
    else
      echo "Il a <20>t<EFBFBD> impossible de cr<63>er un nouveau membre alternc. newone.php a retourn<72> un code d'erreur $?. V<>rifiez si la base MySQL, PHP, ainsi que le fichier local.sh sont bien configur<75>s. V<>rifiez aussi si des erreurs ne sont pas apparues plus haut dans l'installation."
    fi
fi

# We should restart apaches after all configuration stuff ...
for service in apache apache-ssl apache2 ; do
    test -x /etc/init.d/$service && invoke-rc.d $service stop || true
done
for service in apache apache-ssl apache2 ; do
    test -x /etc/init.d/$service && invoke-rc.d $service start || true
done