diff --git a/bin/configure.sh b/bin/configure.sh old mode 100755 new mode 100644 index 8e3538b7..2c743352 --- a/bin/configure.sh +++ b/bin/configure.sh @@ -1,116 +1,45 @@ #!/bin/bash # This script copies a deployment config over the root directory (installing it), # and then generates necessary secrets if they are not yet existing. # To avoid re-generating secrets store them in a config.secrets file, which will be appended to the .env file before checking # for existing secrets. # This script is no longer used if containers are used as the webapp container will overlay the config itself. # Uninstall the old config if [ -d config ]; then echo "Uninstalling the old config." find -L config/ -type f | while read file; do file=$(echo $file | sed -e 's|^config||g') file="./$file" rm -v $file done fi if [ "$1" == "" ]; then echo "Failed to find the configuration folder, please pass one as argument (e.g. config.demo)." exit 1 fi if [ ! -d $1 ]; then echo "Failed to find the configuration folder, please pass one as argument (e.g. config.demo)." exit 1 fi echo "Installing $1." # Link new config rm config ln -s $1 config # Install new config find -L config/ -type f | while read file; do dir=$(dirname $file | sed -e 's|^config||g') dir="./$dir" if [ ! -d $dir ]; then mkdir -p $dir fi cp -v $file $dir/ done -if [ -f config.secrets ]; then - # Add local secrets - echo "" >> src/.env - cat config.secrets >> src/.env -fi - -# Generate random secrets -if ! grep -q "COTURN_STATIC_SECRET" .env; then - COTURN_STATIC_SECRET=$(openssl rand -hex 32); - echo "COTURN_STATIC_SECRET=${COTURN_STATIC_SECRET}" >> src/.env -fi - -if ! grep -q "MEET_WEBHOOK_TOKEN" .env; then - MEET_WEBHOOK_TOKEN=$(openssl rand -hex 32); - echo "MEET_WEBHOOK_TOKEN=${MEET_WEBHOOK_TOKEN}" >> src/.env -fi - -if ! grep -q "MEET_SERVER_TOKEN" .env; then - MEET_SERVER_TOKEN=$(openssl rand -hex 32); - echo "MEET_SERVER_TOKEN=${MEET_SERVER_TOKEN}" >> src/.env -fi - -if ! grep -q "APP_KEY=base64:" .env; then - APP_KEY=$(openssl rand -base64 32); - echo "APP_KEY=base64:${APP_KEY}" >> src/.env -fi - -if ! grep -q "PASSPORT_PROXY_OAUTH_CLIENT_ID=" .env; then - PASSPORT_PROXY_OAUTH_CLIENT_ID=$(uuidgen); - echo "PASSPORT_PROXY_OAUTH_CLIENT_ID=${PASSPORT_PROXY_OAUTH_CLIENT_ID}" >> src/.env -fi - -if ! grep -q "PASSPORT_PROXY_OAUTH_CLIENT_SECRET=" .env; then - PASSPORT_PROXY_OAUTH_CLIENT_SECRET=$(openssl rand -base64 32); - echo "PASSPORT_PROXY_OAUTH_CLIENT_SECRET=${PASSPORT_PROXY_OAUTH_CLIENT_SECRET}" >> src/.env -fi - -if ! grep -q "PASSPORT_PUBLIC_KEY=|PASSPORT_PRIVATE_KEY=" .env; then - PASSPORT_PRIVATE_KEY=$(openssl genrsa 4096); - echo "PASSPORT_PRIVATE_KEY=\"${PASSPORT_PRIVATE_KEY}\"" >> src/.env - - PASSPORT_PUBLIC_KEY=$(echo "$PASSPORT_PRIVATE_KEY" | openssl rsa -pubout 2>/dev/null) - echo "PASSPORT_PUBLIC_KEY=\"${PASSPORT_PUBLIC_KEY}\"" >> src/.env -fi - -if ! grep -q "DES_KEY=" .env; then - DES_KEY=$(openssl rand -base64 24); - echo "DES_KEY=${DES_KEY}" >> src/.env -fi - -bin/update-git-refs.sh - -# Customize configuration -sed -i \ - -e "s/{{ host }}/${HOST:-kolab.local}/g" \ - -e "s/{{ openexchangerates_api_key }}/${OPENEXCHANGERATES_API_KEY}/g" \ - -e "s/{{ firebase_api_key }}/${FIREBASE_API_KEY}/g" \ - -e "s/{{ public_ip }}/${PUBLIC_IP:-172.18.0.1}/g" \ - -e "s/{{ admin_password }}/${ADMIN_PASSWORD}/g" \ - src/.env - -if [ -f /etc/letsencrypt/live/${HOST}/cert.pem ]; then - echo "Using the available letsencrypt certificate for ${HOST}" - cat >> .env << EOF -KOLAB_SSL_CERTIFICATE=/etc/letsencrypt/live/${HOST}/cert.pem -KOLAB_SSL_CERTIFICATE_FULLCHAIN=/etc/letsencrypt/live/${HOST}/fullchain.pem -KOLAB_SSL_CERTIFICATE_KEY=/etc/letsencrypt/live/${HOST}/privkey.pem -PROXY_SSL_CERTIFICATE=/etc/letsencrypt/live/${HOST}/fullchain.pem -PROXY_SSL_CERTIFICATE_KEY=/etc/letsencrypt/live/${HOST}/privkey.pem -EOF -fi diff --git a/bin/update-git-refs.sh b/bin/update-git-refs.sh deleted file mode 100755 index fe5270f8..00000000 --- a/bin/update-git-refs.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -updateVar() { - NAME=$1 - #TODO pin option that translates to a commit hash via - # git ls-remote --exit-code -h "https://git.kolab.org/source/kolab" refs/heads/master - REF=$2 - if ! grep -q "$NAME=" src/.env; then - echo "$1=$REF" >> src/.env - else - echo "s/$NAME=.*/$NAME=$REF/" - sed -i "s|$NAME=.*|$NAME=$REF|" src/.env - fi -} - -updateVar KOLAB_GIT_REF "${KOLAB_GIT_REF:-master}" -updateVar KOLAB_GIT_REMOTE "${KOLAB_GIT_REMOTE:-https://git.kolab.org/source/kolab}" -updateVar GIT_REF_ROUNDCUBEMAIL "${GIT_REF_ROUNDCUBEMAIL:-dev/kolab-1.5}" -updateVar GIT_REMOTE_ROUNDCUBEMAIL "${GIT_REMOTE_ROUNDCUBEMAIL:-https://git.kolab.org/source/roundcubemail.git}" -updateVar GIT_REF_ROUNDCUBEMAIL_PLUGINS "${GIT_REF_ROUNDCUBEMAIL_PLUGINS:-master}" -updateVar GIT_REMOTE_ROUNDCUBEMAIL_PLUGINS "${GIT_REMOTE_ROUNDCUBEMAIL_PLUGINS:-https://git.kolab.org/diffusion/RPK/roundcubemail-plugins-kolab.git}" -updateVar GIT_REF_CHWALA "${GIT_REF_CHWALA:-master}" -updateVar GIT_REMOTE_CHWALA "${GIT_REMOTE_CHWALA:-https://git.kolab.org/diffusion/C/chwala.git}" -updateVar GIT_REF_SYNCROTON "${GIT_REF_SYNCROTON:-master}" -updateVar GIT_REMOTE_SYNCROTON "${GIT_REMOTE_SYNCROTON:-https://git.kolab.org/diffusion/S/syncroton.git}" -updateVar GIT_REF_AUTOCONF "${GIT_REF_SYNCROTON:-master}" -updateVar GIT_REMOTE_AUTOCONF "${GIT_REMOTE_AUTOCONF:-https://git.kolab.org/diffusion/AC/autoconf.git}" -updateVar GIT_REF_IRONY "${GIT_REF_IRONY:-master}" -updateVar GIT_REMOTE_IRONY "${GIT_REMOTE_IRONY:-https://git.kolab.org/source/iRony.git}" -updateVar GIT_REF_FREEBUSY "${GIT_REF_FREEBUSY:-master}" -updateVar GIT_REMOTE_FREEBUSY "${GIT_REMOTE_FREEBUSY:-https://git.kolab.org/diffusion/F/freebusy.git}" -updateVar IMAP_GIT_REF "${IMAP_GIT_REF:-dev/kolab-3.6}" -updateVar IMAP_GIT_REMOTE "${IMAP_GIT_REMOTE:-https://git.kolab.org/source/cyrus-imapd}"