PageRenderTime 192ms CodeModel.GetById 100ms app.highlight 20ms RepoModel.GetById 61ms app.codeStats 5ms

/silverlining/server-sync-scripts/update-server-script.sh

https://bitbucket.org/ianb/silverlining/
Shell | 87 lines | 59 code | 12 blank | 16 comment | 4 complexity | 1047abbeae2014e6f525a03a17cda15e MD5 | raw file
 1## Fix locale
 2locale-gen en_US en_US.UTF-8
 3dpkg-reconfigure locales
 4update-locale LANG=en_US.UTF-8
 5
 6## Set up a standard user for managing apps (www-mgr)
 7if [ ! -e /home/www-mgr ] ; then
 8    ## --gecos=none suppresses the querying for name, room #, etc.:
 9    adduser --disabled-password --gecos=none www-mgr
10    mkdir -p -m 700 /home/www-mgr/.ssh
11    cp /root/.ssh/authorized_keys /home/www-mgr/.ssh/authorized_keys
12    chown -R www-mgr:www-mgr /home/www-mgr/.ssh/
13    chmod 600 /home/www-mgr/.ssh/*
14fi
15
16## Make www-data part of the adm group, which means it can read
17## /var/log/apache2 and other log files
18adduser www-data adm > /dev/null # output is boring
19
20# For some reason this is only readable by root:
21chmod a+r /etc/hosts
22
23
24if [ ! -e /var/www/appdata.map ] ; then
25    echo "not-found / default-notfound|general_debug|/dev/null/|python|
26disabled / default-disabled|general_debug|/dev/null|python|
27" > /var/www/appdata.map
28fi
29touch /var/www/disabledapps.txt
30chown www-mgr:www-mgr /var/www/appdata.map /var/www/disabledapps.txt
31
32## Now setup Apache.  Ubuntu installs 000-default, which we don't
33## want, so we delete it, and make sure the necessary modules are
34## enabled:
35a2enmod rewrite > /dev/null
36a2enmod headers > /dev/null
37a2enmod deflate > /dev/null
38if [ -e /etc/apache2/sites-enabled/000-default ] ; then
39    rm /etc/apache2/sites-enabled/000-default
40fi
41
42## These are restarted in the background, to make it faster:
43echo "Restarting apache2 and varnish"
44/etc/init.d/apache2 restart &>/dev/null &
45/etc/init.d/varnish restart &>/dev/null &
46
47## Make sure some standard directories are in place, ownership is
48## correct, etc.:
49mkdir -p /var/silverlining/build-files
50mkdir -p /var/log/silverlining-setup
51mkdir -p /var/log/silverlining
52mkdir -p /var/log/silverlining/apps
53chown www-data:www-data /var/log/silverlining/apps
54mkdir -p /var/www
55mkdir -p /var/lib/silverlining
56mkdir -p /var/lib/silverlining/backups
57mkdir -p /var/lib/silverlining/tmp
58mkdir -p /var/lib/silverlining/configs
59chown www-data:www-data /var/lib/silverlining/tmp
60rm -f /var/www/index.html
61chown www-mgr:www-mgr /var/www /var/lib/silverlining/backups /var/lib/silverlining/configs
62chown -R root:root /usr/local/share/silverlining/
63# Sometimes it has been reported that the executable bit isn't rsync'd over properly:
64chmod 755 /usr/local/share/silverlining/mgr-scripts/*.py
65chmod 0440 /etc/sudoers
66chown www-mgr:www-mgr /var/lib/silverlining
67# Make sure the support files are compiled:
68python -m compileall -q /usr/local/share/silverlining/lib/
69python -m compileall -q /usr/local/share/silverlining/mgr-scripts/
70
71## This is just a piece of configuration I (Ian) like:
72sed -i "s/ -backup/-backup/" /etc/joe/jmacsrc
73
74## Make sure there's a secret:
75if [ ! -e /var/lib/silverlining/secret.txt ] ; then
76    python -c '
77import os, base64, sys
78secret = base64.b64encode(os.urandom(24), "_-").strip("=")
79sys.stdout.write(secret)' > /var/lib/silverlining/secret.txt
80    chown root /var/lib/silverlining/secret.txt
81fi
82
83echo "Rerun setup-node on $(date)
84Run by: __REMOTE_USER__
85----------------------------------------
86
87" >> /var/log/silverlining/setup-node.log