304 lines
10 KiB
Bash
304 lines
10 KiB
Bash
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
# Source debconf library.
|
|
. /usr/share/debconf/confmodule
|
|
|
|
CONFIGFILE="/etc/alternc/local.sh"
|
|
|
|
update_var() {
|
|
local question
|
|
local var
|
|
question="$1"
|
|
var="$2"
|
|
db_get "$question"
|
|
|
|
grep -Eq "^ *$var=" $CONFIGFILE || echo "$var=" >> $CONFIGFILE
|
|
SED_SCRIPT="$SED_SCRIPT;s\\^ *$var=.*\\$var=\"$RET\"\\"
|
|
}
|
|
|
|
# summary of how this script can be called:
|
|
# * <postinst> `configure' <most-recently-configured-version>
|
|
# * <old-postinst> `abort-upgrade' <new version>
|
|
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
|
|
# <new-version>
|
|
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
|
|
# <failed-install-package> <version> `removing'
|
|
# <conflicting-package> <version>
|
|
# for details, see http://www.debian.org/doc/debian-policy/ or
|
|
# the debian-policy package
|
|
#
|
|
# quoting from the policy:
|
|
# Any necessary prompting should almost always be confined to the
|
|
# post-installation script, and should be protected with a conditional
|
|
# so that unnecessary prompting doesn't happen if a package's
|
|
# installation fails and the `postinst' is called with `abort-upgrade',
|
|
# `abort-remove' or `abort-deconfigure'.
|
|
|
|
case "$1" in
|
|
configure)
|
|
|
|
# ajoute l'user postfix au groupe sasl
|
|
adduser --quiet postfix sasl
|
|
|
|
# corriger les permissions du chroot
|
|
mkdir -p /var/spool/postfix/var/run/saslauthd || true
|
|
dpkg-statoverride --quiet --update --add root sasl 710 /var/spool/postfix/var/run/saslauthd || true
|
|
|
|
|
|
db_get "alternc/alternc_mail"
|
|
VMAIL_HOME="$RET"
|
|
if ! getent group vmail; then
|
|
addgroup --gid 1998 vmail
|
|
fi
|
|
if ! getent passwd vmail; then
|
|
useradd -g vmail -u 1998 vmail -d "$VMAIL_HOME" -m
|
|
fi
|
|
test -d "$VMAIL_HOME" || mkdir -p "$VMAIL_HOME"
|
|
chown vmail:vmail "$VMAIL_HOME"
|
|
chown vmail:vmail "$VMAIL_HOME"/* 2>/dev/null || true # It may be empty
|
|
chmod u+rxw "$VMAIL_HOME"
|
|
chmod u+rxw "$VMAIL_HOME"/* 2>/dev/null || true # It may be empty
|
|
chmod g+rxw "$VMAIL_HOME"
|
|
chmod g+rxw "$VMAIL_HOME"/* 2>/dev/null || true # It may be empty
|
|
|
|
# build local.sh if it does not exist
|
|
if [ ! -f $CONFIGFILE ]; then
|
|
cat > $CONFIGFILE <<EOF
|
|
#!/bin/sh
|
|
#
|
|
# AlternC - Web Hosting System - Configuration
|
|
# This file will be modified on package configuration
|
|
# (e.g. upgrade or dpkg-reconfigure alternc)
|
|
|
|
# Hosting service name
|
|
HOSTING=""
|
|
|
|
# Primary hostname for this box (will be used to access the management panel)
|
|
FQDN=""
|
|
|
|
# Public IP
|
|
PUBLIC_IP=""
|
|
|
|
# Internal IP
|
|
# (most of the time, should be equal to PUBLIC_IP, unless you are behind
|
|
# firewall doing address translation)
|
|
INTERNAL_IP=""
|
|
|
|
# Monitoring IP or network (will be allowed to access Apache status)
|
|
MONITOR_IP=""
|
|
|
|
# Primary DNS hostname
|
|
NS1_HOSTNAME=""
|
|
|
|
# Secondary DNS hostname
|
|
NS2_HOSTNAME=""
|
|
|
|
# Mail server hostname
|
|
DEFAULT_MX=""
|
|
|
|
# Secondary mail server hostname
|
|
DEFAULT_SECONDARY_MX=""
|
|
|
|
# Note: MySQL username/password configuration now stored in /etc/alternc/my.cnf
|
|
|
|
# quels clients mysql sont permis (%, localhost, etc)
|
|
MYSQL_CLIENT=""
|
|
|
|
# the type of backup created by the sql backup script
|
|
# valid options are "rotate" (newsyslog-style) or "date" (suffix is the date)
|
|
SQLBACKUP_TYPE=""
|
|
|
|
# overwrite existing files when backing up
|
|
SQLBACKUP_OVERWRITE=""
|
|
|
|
# known slave servers, empty for none, localhost is special (no ssh)
|
|
ALTERNC_SLAVES=""
|
|
|
|
# File to look at for forced launch of update_domain (use incron)
|
|
INOTIFY_UPDATE_DOMAIN="/var/run/alternc/inotify_update_domain.lock"
|
|
|
|
# AlternC Locations
|
|
ALTERNC_HTML=""
|
|
ALTERNC_MAIL=""
|
|
ALTERNC_LOGS=""
|
|
WEBSERVERS_LOGS=""
|
|
|
|
EOF
|
|
|
|
chown root:alterncpanel $CONFIGFILE
|
|
chmod 640 $CONFIGFILE
|
|
fi
|
|
|
|
# Update local.sh
|
|
# 1. use cp to keep permissions
|
|
# 2. add missing variable to local.sh
|
|
# 3. use sed to set variables with current values
|
|
echo "Updating $CONFIGFILE"
|
|
cp -a -f $CONFIGFILE $CONFIGFILE.tmp
|
|
# SED_SCRIPT will be modified by update_var
|
|
SED_SCRIPT=""
|
|
update_var alternc/hostingname HOSTING
|
|
update_var alternc/desktopname FQDN
|
|
update_var alternc/public_ip PUBLIC_IP
|
|
update_var alternc/internal_ip INTERNAL_IP
|
|
update_var alternc/monitor_ip MONITOR_IP
|
|
update_var alternc/ns1 NS1_HOSTNAME
|
|
update_var alternc/ns2 NS2_HOSTNAME
|
|
update_var alternc/default_mx DEFAULT_MX
|
|
update_var alternc/default_mx2 DEFAULT_SECONDARY_MX
|
|
update_var alternc/mysql/client MYSQL_CLIENT
|
|
update_var alternc/sql/backup_type SQLBACKUP_TYPE
|
|
update_var alternc/sql/backup_overwrite SQLBACKUP_OVERWRITE
|
|
update_var alternc/slaves ALTERNC_SLAVES
|
|
update_var alternc/alternc_html ALTERNC_HTML
|
|
update_var alternc/alternc_mail ALTERNC_MAIL
|
|
update_var alternc/alternc_logs ALTERNC_LOGS
|
|
update_var alternc/alternc_logs WEBSERVERS_LOGS
|
|
sed -e "$SED_SCRIPT" < $CONFIGFILE > $CONFIGFILE.tmp
|
|
mv -f $CONFIGFILE.tmp $CONFIGFILE
|
|
|
|
# Erase all apacheconf file
|
|
# They will be regenerated without the bug by upgrade_check.sh below.
|
|
if dpkg --compare-versions "$2" le "0.9.3.9-globenet14"; then
|
|
rm -f /var/alternc/apacheconf/*/* # Old AlternC version
|
|
fi
|
|
|
|
echo "checking for upgrades"
|
|
/usr/share/alternc/install/upgrade_check.sh $2
|
|
|
|
# Setup grants
|
|
db_get "alternc/mysql/host"
|
|
MYSQL_HOST="$RET"
|
|
if [ "$MYSQL_HOST" != "localhost" -o -e /usr/sbin/mysqld ]; then
|
|
# compatibility shims with my.cnf
|
|
host="$RET"
|
|
db_get "alternc/mysql/db"
|
|
database="$RET"
|
|
db_get "alternc/mysql/user"
|
|
user="$RET"
|
|
db_get "alternc/mysql/password"
|
|
password="$RET"
|
|
db_get "alternc/mysql/alternc_mail_user"
|
|
alternc_mail_user="$RET"
|
|
db_get "alternc/mysql/alternc_mail_password"
|
|
alternc_mail_password="$RET"
|
|
|
|
# we source (instead of forking) mysql.sh so that it gets the local environment above
|
|
. /usr/share/alternc/install/mysql.sh
|
|
fi
|
|
|
|
if [ -e $CONFIGFILE ]; then
|
|
# source local.sh variables
|
|
. $CONFIGFILE
|
|
fi
|
|
|
|
# multi-server configuration: we create an alternc account with
|
|
# authorized keys. since this is the master, we do not give him a
|
|
# valid shell, but we still need the user for proper perms
|
|
ALTERNC_USER_HOME="$ALTERNC_HTML"
|
|
if [ ! -z "$ALTERNC_SLAVES" ] && [ "$ALTERNC_SLAVES" != "localhost" ] ; then
|
|
if ! grep -q alternc /etc/passwd ; then
|
|
echo "Creating alternc account"
|
|
adduser --quiet --system --uid 342 --home $ALTERNC_HTML --shell /bin/false --ingroup adm alternc
|
|
fi
|
|
chown alternc "$ALTERNC_USER_HOME"
|
|
if [ -r ~root/.ssh/id_dsa.pub ]; then
|
|
key=`cat ~root/.ssh/id_dsa.pub`
|
|
if ! grep -q "$key" $ALTERNC_USER_HOME/.ssh/authorized_keys ; then
|
|
echo "Authorizing root ssh key to access the common alternc account"
|
|
mkdir -p $ALTERNC_USER_HOME/.ssh
|
|
echo "$key" >> $ALTERNC_USER_HOME/.ssh/authorized_keys
|
|
chown -R alternc:adm $ALTERNC_USER_HOME/.ssh
|
|
chmod -R og-rwx $ALTERNC_USER_HOME/.ssh
|
|
fi
|
|
else
|
|
echo "No SSH key in "~root/.ssh/id_dsa.pub
|
|
echo "create one and reconfigure alternc to propagate SSH keys"
|
|
fi
|
|
else
|
|
echo "AlternC slaves not configured ($ALTERNC_SLAVES)"
|
|
fi
|
|
|
|
# /var/alternc/dns/d/www.example.com
|
|
FQDN_LETTER="`echo $FQDN | sed -e 's/.*\.\([^\.]\)[^\.]*\.[^\.]*$/\1/'`"
|
|
if [ "$FQDN_LETTER" = "$FQDN" ]
|
|
then
|
|
FQDN_LETTER="_"
|
|
fi
|
|
|
|
#clean old access to the management panel
|
|
# We don't use this anymore : (FIXME : shall we remove /var/alternc/dns while upgrading ?)
|
|
#find /var/alternc/dns/ -type l -lname /var/alternc/bureau -exec rm {} \;
|
|
|
|
# Bind stuff
|
|
touch /var/lib/alternc/bind/automatic.conf /var/lib/alternc/bind/slaveip.conf
|
|
chown root:bind /var/lib/alternc/bind/automatic.conf /var/lib/alternc/bind/slaveip.conf
|
|
chmod 640 /var/lib/alternc/bind/automatic.conf /var/lib/alternc/bind/slaveip.conf
|
|
touch /var/run/alternc/refresh_slave
|
|
/usr/lib/alternc/slave_dns
|
|
# Apache will not start without this file
|
|
touch /var/lib/alternc/apache-vhost/vhosts_all.conf
|
|
|
|
#sudo stuff allowing alterncpanel to use quota
|
|
if [ -d /etc/sudoers.d ]; then
|
|
cp /etc/alternc/alternc-sudoers /etc/sudoers.d/alternc-sudoers
|
|
chmod 0440 /etc/sudoers.d/alternc-sudoers
|
|
if ! grep -q '#includedir /etc/sudoers.d' "/etc/sudoers"; then
|
|
echo "*************************************************"
|
|
echo "* *"
|
|
echo "* /!\ WARNING /!\ *"
|
|
echo "* Please add yourself the following directive : *"
|
|
echo "* #includedir /etc/sudoers.d *"
|
|
echo "* in file /etc/sudoers (use visudo command) *"
|
|
echo "* Else you'll have troubles with some features *"
|
|
echo "* of AlternC *"
|
|
echo "* *"
|
|
echo "*************************************************"
|
|
fi
|
|
else
|
|
echo "running an older version of sudo"
|
|
#FIXME
|
|
echo "copy content of /usr/share/doc/examples/example.sudoers into /etc/sudoers.d to run properly"
|
|
fi
|
|
|
|
# important: postinst freezes without that:
|
|
db_stop
|
|
|
|
# instead of preinst, we launch it here :
|
|
/usr/lib/alternc/fixperms.sh
|
|
echo "**********************************************"
|
|
echo "* *"
|
|
echo "* /!\ /!\ *"
|
|
echo "* ALTERNC: *"
|
|
echo "* Please run alternc.install to fully deploy *"
|
|
echo "* *"
|
|
echo "* *"
|
|
echo "* *"
|
|
echo "**********************************************"
|
|
;;
|
|
|
|
abort-upgrade|abort-remove|abort-deconfigure)
|
|
|
|
;;
|
|
|
|
*)
|
|
echo "postinst called with unknown argument \`$1'" >&2
|
|
exit 1
|
|
;;
|
|
|
|
esac
|
|
|
|
# dh_installdeb will replace this with shell code automatically
|
|
# generated by other debhelper scripts.
|
|
|
|
#DEBHELPER#
|
|
|
|
# important: postrm freezes withtout that:
|
|
db_stop
|
|
|
|
exit 0
|
|
|
|
# vim: et sw=4
|