parent
f2d8f1d095
commit
0edc69e344
@ -0,0 +1,63 @@ |
||||
#!/bin/bash |
||||
|
||||
set -e |
||||
|
||||
. "${INSTALLER_DIR}/wizard" |
||||
|
||||
input_start() { |
||||
local server_autoinstall=$(wiz_get "server/autoinstall" || echo "skip") |
||||
if [ "$server_autoinstall" = "skip" ] ; then |
||||
STATE="input_hostname" |
||||
else |
||||
STATE="done" |
||||
fi |
||||
} |
||||
|
||||
input_hostname_params() { |
||||
local default_hostname=$(hostname -f 2>/dev/null || hostname || echo "example.com") |
||||
|
||||
if ! wiz_get "server/hostname" &>/dev/null ; then |
||||
wiz_set "server/hostname" "$default_hostname" |
||||
wiz_unseen "server/hostname" |
||||
fi |
||||
|
||||
wiz_put "server/hostname" |
||||
if wiz_ask ; then |
||||
STATE="input_protocol" |
||||
else |
||||
STATE="start" |
||||
fi |
||||
} |
||||
|
||||
input_protocol_params() { |
||||
wiz_put "server/ssl" |
||||
if wiz_ask ; then |
||||
STATE="done" |
||||
else |
||||
STATE="input_hostname" |
||||
fi |
||||
} |
||||
|
||||
state_machine() { |
||||
case "$1" in |
||||
"start") |
||||
input_start |
||||
;; |
||||
"input_hostname") |
||||
input_hostname_params |
||||
;; |
||||
"input_protocol") |
||||
input_protocol_params |
||||
;; |
||||
"done") |
||||
echo "DONE" |
||||
exit 0 |
||||
;; |
||||
*) |
||||
echo "invalid state ${STATE}" |
||||
exit 1 |
||||
;; |
||||
esac |
||||
} |
||||
|
||||
wizard "start" |
@ -0,0 +1,108 @@ |
||||
#!/bin/bash |
||||
|
||||
set -e |
||||
|
||||
. ${INSTALLER_DIR}/wizard |
||||
|
||||
CLI="${APP_NAME}" |
||||
|
||||
# Check for custom gems |
||||
custom_gemfile=$(${CLI} config:get CUSTOM_PLUGIN_GEMFILE || echo "") |
||||
if [ -n "$custom_gemfile" ] && [ -f "$custom_gemfile" ]; then |
||||
|
||||
# Need to override the frozen setting for the vendored gems |
||||
${CLI} run bundle config --local frozen 0 |
||||
|
||||
# Re-bundle the application including gems |
||||
${CLI} run bundle install |
||||
|
||||
# Mark backend for recompilation in the OpenProject postinstall rake step |
||||
echo "Custom Gemfile present. Need to recompile rails assets. Setting RECOMPILE_RAILS_ASSETS=true" |
||||
${CLI} config:set RECOMPILE_RAILS_ASSETS="true" |
||||
fi |
||||
|
||||
# Check for server prefix |
||||
server_prefix=$(${CLI} config:get SERVER_PATH_PREFIX || echo "/") |
||||
if [ "$server_prefix" != "/" ]; then |
||||
echo "Server prefix is set. Need to recompile rails assets. Setting RECOMPILE_RAILS_ASSETS=true" |
||||
# Mark backend for recompilation in the OpenProject postinstall rake step |
||||
${CLI} config:set RECOMPILE_RAILS_ASSETS="true" |
||||
fi |
||||
|
||||
# Check for server prefix changes |
||||
last_server_prefix=$(${CLI} config:get SERVER_PATH_PREFIX_PREVIOUS || echo "/") |
||||
if [ "$last_server_prefix" != "$server_prefix" ]; then |
||||
echo "Server prefix was changed from ${last_server_prefix} to ${server_prefix}. Need to recompile rails assets. Setting RECOMPILE_RAILS_ASSETS=true" |
||||
# Mark backend for recompilation in the OpenProject postinstall rake step |
||||
${CLI} config:set RECOMPILE_RAILS_ASSETS="true" |
||||
fi |
||||
|
||||
|
||||
# Check if we need to compile angular as well |
||||
must_rebuild=$(${CLI} config:get RECOMPILE_ANGULAR_ASSETS || echo "") |
||||
if [ -n "$must_rebuild" ]; then |
||||
echo "RECOMPILE_ANGULAR_ASSETS was set. Installing node dependencies..." |
||||
# Skip printing audit for installation |
||||
openproject run npm set audit false |
||||
openproject run npm install --silent |
||||
fi |
||||
|
||||
# Set execjs to node since that's installed |
||||
# And we can use it for backend precompilation |
||||
${CLI} config:set EXECJS_RUNTIME="Node" |
||||
|
||||
rake_commands="db:migrate db:seed" |
||||
|
||||
# set rails_cache_store |
||||
memcached_servers="$(${CLI} config:get MEMCACHED_SERVERS || echo "")" |
||||
if [ -z "$memcached_servers" ]; then |
||||
${CLI} config:set RAILS_CACHE_STORE=file_store |
||||
else |
||||
${CLI} config:set RAILS_CACHE_STORE=memcache |
||||
fi |
||||
|
||||
# create attachments folder |
||||
attachments_path=$(${CLI} config:get ATTACHMENTS_STORAGE_PATH || echo "/var/db/${APP_NAME}/files") |
||||
mkdir -p "${attachments_path}" |
||||
chown ${APP_USER}.${APP_GROUP} "${attachments_path}" |
||||
${CLI} config:set ATTACHMENTS_STORAGE_PATH="${attachments_path}" |
||||
|
||||
# set web host |
||||
${CLI} config:set HOST=127.0.0.1 |
||||
|
||||
# set web timeout |
||||
web_timeout=$(${CLI} config:get WEB_TIMEOUT || echo "300") |
||||
${CLI} config:set WEB_TIMEOUT=${web_timeout} |
||||
|
||||
# set SECRET_KEY_BASE env variable |
||||
secret_token=$(${CLI} config:get SECRET_KEY_BASE || ${CLI} config:get SECRET_TOKEN || ${CLI} run rake -s secret | tail -1) |
||||
${CLI} config:set SECRET_KEY_BASE="$secret_token" |
||||
|
||||
# set SECRET_TOKEN env variable for backwards compatibility |
||||
${CLI} config:set SECRET_TOKEN="$secret_token" |
||||
|
||||
# set installation type |
||||
installation_type="$(${CLI} config:get OPENPROJECT_INSTALLATION__TYPE || echo "")" |
||||
if [ -z "$installation_type" ]; then |
||||
${CLI} config:set OPENPROJECT_INSTALLATION__TYPE=packager |
||||
fi |
||||
|
||||
# Allow other tasks to run before the environment is loaded |
||||
${CLI} run rake "packager:before_postinstall" |
||||
|
||||
# Use the OpenProject internal setup in one environment task |
||||
${CLI} run rake "${rake_commands} packager:postinstall" |
||||
|
||||
# For some reason RHEL8 creates files with chmod 0600 |
||||
find "${APP_HOME}/public" -type f -exec chmod 0644 {} \; |
||||
|
||||
# Allow OpenProject to perform custom initialization steps in the context of this installer |
||||
if [ -e "${APP_HOME}/packaging/scripts/postinstall" ]; then |
||||
source "${APP_HOME}/packaging/scripts/postinstall" |
||||
fi |
||||
|
||||
# scale |
||||
${CLI} scale web=1 worker=1 || true |
||||
|
||||
# restart |
||||
service ${APP_NAME} restart |
@ -0,0 +1,3 @@ |
||||
#!/bin/bash |
||||
|
||||
exit 0 |
@ -0,0 +1,15 @@ |
||||
Template: server/ssl |
||||
Type: select |
||||
Choices: no, yes |
||||
Translations: No, Yes |
||||
Default: no |
||||
Description: Do you use SSL to access _APP_NAME_ |
||||
Enabling SSL makes your _APP_NAME_ installation more secure. |
||||
. |
||||
If you choose YES, the application server will only respond to https. You need to manually configure SSL certificates for your web server. |
||||
|
||||
Template: server/hostname |
||||
Type: string |
||||
Default: www.example.com |
||||
Description: Your fully qualified domain name: |
||||
Enter the fully qualified domain name (FQDN), where this server can be reached. |
@ -0,0 +1,126 @@ |
||||
#!/bin/bash |
||||
|
||||
set -e |
||||
|
||||
. "${INSTALLER_DIR}/wizard" |
||||
|
||||
input_start() { |
||||
if [ "$(wiz_get "server/autoinstall")" = "skip" ] ; then |
||||
echo "No server installed. Skipping." |
||||
STATE="done" |
||||
else |
||||
STATE="params" |
||||
fi |
||||
} |
||||
|
||||
input_params() { |
||||
# API key for OpenProject |
||||
local random_key=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c32;echo;) |
||||
if ! wiz_get "repositories/api-key" &>/dev/null ; then |
||||
wiz_set "repositories/api-key" "${random_key}" |
||||
fi |
||||
|
||||
wiz_put "repositories/api-key" |
||||
|
||||
if wiz_ask ; then |
||||
STATE="svn_setup" |
||||
else |
||||
echo "Aborting configuration." |
||||
exit 1 |
||||
fi |
||||
} |
||||
|
||||
select_svn_installation() { |
||||
wiz_put "repositories/svn-install" |
||||
if wiz_ask ; then |
||||
RET=$(wiz_get "repositories/svn-install") |
||||
if [ "$RET" = "install" ] ; then |
||||
STATE="svn_params" |
||||
else |
||||
STATE="git_setup" |
||||
fi |
||||
else |
||||
STATE="done" |
||||
echo "SVN configuration canceled." |
||||
exit 1 |
||||
fi |
||||
} |
||||
|
||||
input_svn_params() { |
||||
# Access token for Apache wrapper |
||||
local random_key=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c32;echo;) |
||||
if ! wiz_get "repositories/apache-wrapper-token" &>/dev/null ; then |
||||
wiz_set "repositories/apache-wrapper-token" "${random_key}" |
||||
fi |
||||
|
||||
wiz_put "repositories/svn-path" |
||||
wiz_put "repositories/apache-wrapper-token" |
||||
|
||||
if wiz_ask ; then |
||||
STATE="git_setup" |
||||
else |
||||
echo "Aborting configuration." |
||||
exit 1 |
||||
fi |
||||
} |
||||
|
||||
select_git_installation() { |
||||
wiz_put "repositories/git-install" |
||||
if wiz_ask ; then |
||||
RET=$(wiz_get "repositories/git-install") |
||||
if [ "$RET" = "install" ] ; then |
||||
STATE="git_params" |
||||
else |
||||
STATE="done" |
||||
fi |
||||
else |
||||
STATE="done" |
||||
echo "Git configuration canceled." |
||||
exit 1 |
||||
fi |
||||
} |
||||
|
||||
input_git_params() { |
||||
wiz_put "repositories/git-path" |
||||
wiz_put "repositories/git-http-backend" |
||||
|
||||
if wiz_ask ; then |
||||
STATE="done" |
||||
else |
||||
echo "Aborting configuration." |
||||
exit 1 |
||||
fi |
||||
} |
||||
|
||||
state_machine() { |
||||
case "$1" in |
||||
"start") |
||||
input_start |
||||
;; |
||||
"params") |
||||
input_params |
||||
;; |
||||
"svn_setup") |
||||
select_svn_installation |
||||
;; |
||||
"svn_params") |
||||
input_svn_params |
||||
;; |
||||
"git_setup") |
||||
select_git_installation |
||||
;; |
||||
"git_params") |
||||
input_git_params |
||||
;; |
||||
"done") |
||||
echo "DONE" |
||||
exit 0 |
||||
;; |
||||
*) |
||||
echo "invalid state: ${STATE}" |
||||
exit 1 |
||||
;; |
||||
esac |
||||
} |
||||
|
||||
wizard "start" |
@ -0,0 +1,302 @@ |
||||
#!/bin/bash |
||||
|
||||
set -e |
||||
|
||||
. ${INSTALLER_DIR}/wizard |
||||
|
||||
CLI="${APP_NAME}" |
||||
VHOST_INCLUDES_DIR="/etc/${APP_NAME}/addons/apache2/includes/vhost" |
||||
SERVER_INCLUDES_DIR="/etc/${APP_NAME}/addons/apache2/includes/server" |
||||
OSFAMILY="$(wiz_fact osfamily)" |
||||
SERVER_USER=$(${CLI} config:get SERVER_USER || echo "") |
||||
SERVER_GROUP=$(${CLI} config:get SERVER_GROUP || echo "") |
||||
SERVER_PATH_PREFIX=$(${CLI} config:get SERVER_PATH_PREFIX || echo "") |
||||
INTERNAL_PORT=$(${CLI} config:get PORT || echo "6000") |
||||
INTERNAL_URL="http://127.0.0.1:${INTERNAL_PORT}${SERVER_PATH_PREFIX}" |
||||
|
||||
## |
||||
# Create and set proper permissions to the given SVN repositories root |
||||
create_svn_repositories() { |
||||
local svn_repositories="$(wiz_get "repositories/svn-path")" |
||||
if [ ! -d "$svn_repositories" ] ; then |
||||
mkdir -p "$svn_repositories" |
||||
fi |
||||
|
||||
# Ensure permissions are set to what we need |
||||
chown ${SERVER_USER}.${SERVER_GROUP} "$svn_repositories" |
||||
chmod 2770 "$svn_repositories" |
||||
|
||||
${CLI} config:set SVN_REPOSITORIES="$svn_repositories" |
||||
|
||||
if [ "$OSFAMILY" = "redhat" ] ; then |
||||
chcon -R -h -t httpd_sys_content_t "$svn_repositories" || true |
||||
chcon -R -h -t httpd_sys_rw_content_t "$svn_repositories" || true |
||||
fi |
||||
} |
||||
|
||||
## |
||||
# Create and set proper permissions to the given GIT repositories root |
||||
create_git_repositories() { |
||||
local git_repositories="$(wiz_get "repositories/git-path")" |
||||
local git_http_backend="$(wiz_get "repositories/git-http-backend")" |
||||
|
||||
if [ ! -d "$git_repositories" ] ; then |
||||
mkdir -p "$git_repositories" |
||||
fi |
||||
|
||||
# Ensure permissions are set to what we need |
||||
chown ${APP_USER}.${SERVER_GROUP} "$git_repositories" |
||||
chmod 2770 "$git_repositories" |
||||
|
||||
${CLI} config:set GIT_REPOSITORIES="$git_repositories" |
||||
|
||||
if [ "$OSFAMILY" = "redhat" ] ; then |
||||
chcon -R -h -t httpd_sys_content_t "$git_repositories" || true |
||||
chcon -R -h -t httpd_sys_rw_content_t "$git_repositories" || true |
||||
|
||||
# selinux requires the file, NOT the path, so remove the trailing |
||||
# slash we require elsewhere |
||||
git_http_backend_file=${git_http_backend%/} |
||||
chcon -t httpd_git_script_exec_t "$git_http_backend_file" || true |
||||
chcon -R -t httpd_git_rw_content_t "$git_repositories" || true |
||||
fi |
||||
} |
||||
|
||||
## |
||||
# Determine whether the given vendor (svn/git) |
||||
# has been selected for installation in the wizard. |
||||
vendor_selected() { |
||||
local VENDOR="$1" |
||||
VENDOR_CHOICE=$(wiz_get "repositories/$VENDOR-install") |
||||
|
||||
[ "$VENDOR_CHOICE" = "install" ] |
||||
} |
||||
|
||||
|
||||
configure_api_key() { |
||||
local sys_api_key="$(wiz_get "repositories/api-key")" |
||||
${CLI} config:set SYS_API_KEY="${sys_api_key}" |
||||
} |
||||
|
||||
reload_apache2() { |
||||
case "$OSFAMILY" in |
||||
"debian"|"suse") |
||||
service apache2 restart || true |
||||
;; |
||||
"redhat") |
||||
service httpd restart || true |
||||
;; |
||||
esac |
||||
} |
||||
|
||||
## |
||||
# Enable an included vhost configuration |
||||
enable_apache2_vhost_include() { |
||||
local output="$1" |
||||
chmod 0640 "$output" |
||||
|
||||
if [ "$OSFAMILY" = "redhat" ] ; then |
||||
# deal with SELinux |
||||
chcon -t httpd_config_t "$dst" || true |
||||
fi |
||||
} |
||||
|
||||
## |
||||
# Replace the configuration templates in 'svn_dav.conf' |
||||
# and output the configured file as an Apache vhost configuration. |
||||
setup_svn_configuration() { |
||||
local apikey="$1" |
||||
local src="conf/vhost/svn_dav.conf" |
||||
local dst="$VHOST_INCLUDES_DIR/svn_dav.conf" |
||||
local svn_repositories="$(wiz_get "repositories/svn-path")" |
||||
|
||||
tmpfile=$(mktemp) |
||||
cp -f "$src" "$tmpfile" |
||||
sed -i "s|_SVN_REPOSITORIES_|${svn_repositories}|g" ${tmpfile} |
||||
sed -i "s|_APP_URI_|${INTERNAL_URL}|g" ${tmpfile} |
||||
sed -i "s|_APP_API_KEY_|${sys_api_key}|g" ${tmpfile} |
||||
sed -i "s|_SERVER_PATH_PREFIX_|${SERVER_PATH_PREFIX}|g" ${tmpfile} |
||||
mv -f "$tmpfile" "$dst" |
||||
|
||||
enable_apache2_vhost_include "$dst" |
||||
} |
||||
|
||||
## |
||||
# Configures the Apache repoman wrapper to create and delete SVN repositories |
||||
# through a simple API |
||||
# in order to bypass permission problems created when pushing to mod_svn / Apache |
||||
setup_subversion_wrapper() { |
||||
local access_token="$1" |
||||
local src="conf/vhost/repoman_svn_wrapper.conf" |
||||
local dst="$VHOST_INCLUDES_DIR/repoman_svn_wrapper.conf" |
||||
local svn_repositories="$(wiz_get "repositories/svn-path")" |
||||
|
||||
tmpfile=$(mktemp) |
||||
cp -f "$src" "$tmpfile" |
||||
sed -i "s|_REPOMAN_ACCESS_TOKEN_|${access_token}|g" ${tmpfile} |
||||
sed -i "s|_SVN_REPOSITORIES_|${svn_repositories}|g" ${tmpfile} |
||||
sed -i "s|_SERVER_PATH_PREFIX_|${SERVER_PATH_PREFIX}|g" ${tmpfile} |
||||
mv -f "$tmpfile" "$dst" |
||||
|
||||
${CLI} config:set SVN_REPOMAN_TOKEN="$access_token" |
||||
${CLI} config:set SVN_REPOMAN_URL="http://127.0.0.1${SERVER_PATH_PREFIX}repoman_svn" |
||||
|
||||
enable_apache2_vhost_include "$dst" |
||||
} |
||||
|
||||
|
||||
## |
||||
# Create a vhost for the repository wrapper to be accessed by localhost |
||||
setup_subversion_vhost() { |
||||
local src="conf/server/20_repoman_svn_vhost.conf" |
||||
local dst="$SERVER_INCLUDES_DIR/20_repoman_svn_vhost.conf" |
||||
local repoman_location="$VHOST_INCLUDES_DIR/repoman_svn_wrapper.conf" |
||||
|
||||
tmpfile=$(mktemp) |
||||
cp -f "$src" "$tmpfile" |
||||
sed -i "s|_REPOMAN_SVN_CONF_LOCATION_|${repoman_location}|g" ${tmpfile} |
||||
mv -f "$tmpfile" "$dst" |
||||
|
||||
enable_apache2_vhost_include "$dst" |
||||
} |
||||
|
||||
|
||||
## |
||||
# Replace the configuration templates in 'git_smart_http.conf' |
||||
# and output the configured file as an Apache vhost configuration. |
||||
setup_git_configuration() { |
||||
local apikey="$1" |
||||
local src="conf/vhost/git_smart_http.conf" |
||||
local dst="$VHOST_INCLUDES_DIR/git_smart_http.conf" |
||||
local git_repositories="$(wiz_get "repositories/git-path")" |
||||
local git_http_backend="$(wiz_get "repositories/git-http-backend")" |
||||
|
||||
# Force trailing slash if missing to treat as CGI script |
||||
trailing=${git_http_backend:length-1:1} |
||||
[[ $trailing != "/" ]] && git_http_backend="${git_http_backend}/"; : |
||||
|
||||
tmpfile=$(mktemp) |
||||
cp -f "$src" "$tmpfile" |
||||
sed -i "s|_GIT_REPOSITORIES_|${git_repositories}|g" ${tmpfile} |
||||
sed -i "s|_GIT_HTTP_BACKEND_|${git_http_backend}|g" ${tmpfile} |
||||
sed -i "s|_APP_URI_|${INTERNAL_URL}|g" ${tmpfile} |
||||
sed -i "s|_APP_API_KEY_|${sys_api_key}|g" ${tmpfile} |
||||
sed -i "s|_SERVER_PATH_PREFIX_|${SERVER_PATH_PREFIX}|g" ${tmpfile} |
||||
mv -f "$tmpfile" "$dst" |
||||
|
||||
enable_apache2_vhost_include "$dst" |
||||
} |
||||
|
||||
## |
||||
# Let openproject be a member of the apache group |
||||
# for easier group-based sharing of repository directories |
||||
add_openproject_to_apache_group() { |
||||
if usermod --help 2>&1 | grep -- "-A group" &>/dev/null ; then |
||||
# sles11 |
||||
usermod -A "${SERVER_GROUP}" "${APP_USER}" |
||||
else |
||||
usermod -a -G "${SERVER_GROUP}" "${APP_USER}" |
||||
fi |
||||
} |
||||
|
||||
## |
||||
# Configure the correct perl include path for loading |
||||
# the OpenProjectAuthentication perl module. |
||||
# Configure and write SVN and Git configuration files as Apache vhosts. |
||||
configure_apache2_server() { |
||||
local sys_api_key="$(wiz_get "repositories/api-key")" |
||||
local repositories_perl_conf="$SERVER_INCLUDES_DIR/00_repositories_perl.conf" |
||||
|
||||
# Delete old configuration, if it exists |
||||
local old_repositories_perl_conf="$SERVER_INCLUDES_DIR/repositories_perl.conf" |
||||
if [ -e ${old_repositories_perl_conf} ] ; then |
||||
rm -f ${old_repositories_perl_conf} |
||||
fi |
||||
|
||||
case "$OSFAMILY" in |
||||
"debian") |
||||
mkdir -p /usr/lib/perl5/Apache/ |
||||
cp -f "${APP_HOME}/extra/Apache/OpenProjectAuthentication.pm" /usr/lib/perl5/Apache/ |
||||
cp -f "${APP_HOME}/extra/Apache/OpenProjectRepoman.pm" /usr/lib/perl5/Apache/ |
||||
cat - <<SERVER_CONF > "$repositories_perl_conf" |
||||
PerlSwitches -I/usr/lib/perl5 |
||||
PerlLoadModule Apache::OpenProjectAuthentication |
||||
PerlLoadModule Apache::OpenProjectRepoman |
||||
PerlInitHandler Apache2::Reload |
||||
PerlSetVar ReloadAll Off |
||||
SERVER_CONF |
||||
;; |
||||
"redhat") |
||||
local perl_dir="/usr/lib64/perl5/Apache/" |
||||
mkdir -p $perl_dir |
||||
cp -f "${APP_HOME}/extra/Apache/OpenProjectAuthentication.pm" "$perl_dir" |
||||
cp -f "${APP_HOME}/extra/Apache/OpenProjectRepoman.pm" "$perl_dir" |
||||
cat - <<SERVER_CONF > "$repositories_perl_conf" |
||||
PerlSwitches -I/usr/lib64/perl5/vendor_perl |
||||
PerlLoadModule Apache::OpenProjectAuthentication |
||||
PerlLoadModule Apache::OpenProjectRepoman |
||||
PerlInitHandler Apache2::Reload |
||||
PerlSetVar ReloadAll Off |
||||
SERVER_CONF |
||||
;; |
||||
"suse") |
||||
local perl_version="$(perl -e 'print substr $^V, 1;')" |
||||
local perl_dir="/usr/lib/perl5/vendor_perl/${perl_version}/Apache" |
||||
mkdir -p "$perl_dir" |
||||
cp -f "${APP_HOME}/extra/Apache/OpenProjectAuthentication.pm" "$perl_dir" |
||||
cp -f "${APP_HOME}/extra/Apache/OpenProjectRepoman.pm" "$perl_dir" |
||||
echo "PerlLoadModule Apache::OpenProjectAuthentication" > "$repositories_perl_conf" |
||||
echo "PerlLoadModule Apache::OpenProjectRepoman" >> "$repositories_perl_conf" |
||||
;; |
||||
esac |
||||
|
||||
# Install SVN and Git when requested |
||||
if vendor_selected "svn"; then |
||||
echo "Setting up SVN integration for Apache" |
||||
|
||||
# Install Apache wrapper |
||||
local apache_wrapper_token="$(wiz_get "repositories/apache-wrapper-token")" |
||||
setup_subversion_wrapper "$apache_wrapper_token" |
||||
setup_subversion_vhost |
||||
|
||||
setup_svn_configuration "$sys_api_key" |
||||
create_svn_repositories |
||||
fi |
||||
|
||||
if vendor_selected "git"; then |
||||
echo "Setting up Git integration for Apache" |
||||
setup_git_configuration "$sys_api_key" |
||||
create_git_repositories |
||||
fi |
||||
|
||||
reload_apache2 |
||||
} |
||||
|
||||
install_apache_configuration() { |
||||
${CLI} config:set SVN_REPOSITORIES="" |
||||
${CLI} config:set GIT_REPOSITORIES="" |
||||
|
||||
if vendor_selected "svn" || vendor_selected "git"; then |
||||
configure_apache2_server |
||||
add_openproject_to_apache_group |
||||
else |
||||
echo "No repositories have been configured. Skipping configuration." |
||||
fi |
||||
} |
||||
|
||||
case "$(wiz_get "server/autoinstall")" in |
||||
"skip") |
||||
# vhost and config removal is already taken care of by the server wizard |
||||
;; |
||||
"install") |
||||
configure_api_key |
||||
case "$(wiz_get "server/variant")" in |
||||
"apache2") |
||||
install_apache_configuration |
||||
;; |
||||
*) |
||||
echo "Unsupported server variant." |
||||
;; |
||||
esac |
||||
;; |
||||
esac |
@ -0,0 +1,74 @@ |
||||
#!/bin/bash |
||||
|
||||
set -e |
||||
|
||||
. ${INSTALLER_DIR}/wizard |
||||
|
||||
OSFAMILY="$(wiz_fact osfamily)" |
||||
OSVERSION="$(wiz_fact osversion)" |
||||
|
||||
install_required_dependencies_for_apache2() { |
||||
local dependencies="" |
||||
case "$OSFAMILY" in |
||||
"debian") |
||||
dependencies="subversion git libapache2-mod-perl2 libjson-perl" |
||||
for dependency in $dependencies ; do |
||||
wiz_check_package "$dependency" || apt-get install -y "$dependency" |
||||
done |
||||
|
||||
if apt-cache show "libapache2-svn" &>/dev/null ; then |
||||
wiz_check_package "libapache2-svn" || apt-get install -y libapache2-svn |
||||
else |
||||
# debian 9 |
||||
wiz_check_package "libapache2-mod-svn" || apt-get install -y libapache2-mod-svn |
||||
fi |
||||
|
||||
a2enmod perl |
||||
a2enmod dav |
||||
a2enmod dav_svn |
||||
a2enmod cgi |
||||
;; |
||||
"redhat") |
||||
dependencies="mod_dav_svn subversion git mod_perl perl-Digest-SHA perl-libwww-perl perl-JSON" |
||||
case "$OSVERSION" in |
||||
8*) |
||||
dependencies="$dependencies perl-Apache-Reload" |
||||
;; |
||||
esac |
||||
for dependency in $dependencies ; do |
||||
wiz_check_package "$dependency" || yum install -y "$dependency" |
||||
done |
||||
|
||||
wiz_set "repositories/git-http-backend" "/usr/libexec/git-core/git-http-backend/" |
||||
;; |
||||
"suse") |
||||
dependencies="subversion git subversion-server apache2-mod_perl perl-Digest-SHA1 perl-libwww-perl perl-JSON" |
||||
for dependency in $dependencies ; do |
||||
wiz_check_package "$dependency" || zypper install -y "$dependency" |
||||
done |
||||
|
||||
wiz_set "repositories/git-http-backend" "/usr/lib/git/git-http-backend" |
||||
|
||||
a2enmod perl |
||||
a2enmod dav |
||||
a2enmod dav_svn |
||||
a2enmod cgi |
||||
|
||||
;; |
||||
esac |
||||
} |
||||
|
||||
case "$(wiz_get "server/autoinstall")" in |
||||
"skip") |
||||
;; |
||||
"install") |
||||
case "$(wiz_get "server/variant")" in |
||||
"apache2") |
||||
install_required_dependencies_for_apache2 |
||||
;; |
||||
*) |
||||
echo "Unsupported server variant." |
||||
;; |
||||
esac |
||||
;; |
||||
esac |
@ -0,0 +1,7 @@ |
||||
<VirtualHost 127.0.0.1:80> |
||||
ServerName localhost |
||||
|
||||
# Include the repoman configuration in order |
||||
# to access the repository from localhost |
||||
Include _REPOMAN_SVN_CONF_LOCATION_ |
||||
</VirtualHost> |
@ -0,0 +1,36 @@ |
||||
ProxyPass _SERVER_PATH_PREFIX_git/ ! |
||||
|
||||
# see https://www.kernel.org/pub/software/scm/git/docs/git-http-backend.html for details |
||||
# needs mod_cgi to work -> a2enmod cgi |
||||
SetEnv GIT_PROJECT_ROOT "_GIT_REPOSITORIES_" |
||||
|
||||
# Allow all repositories within the root to be exported |
||||
# depending on the authorization of OpenProject |
||||
SetEnv GIT_HTTP_EXPORT_ALL |
||||
|
||||
# Set the remote user based on the redirect. |
||||
# If not set, receive-pack service will be disabled by default. |
||||
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER |
||||
|
||||
ScriptAlias _SERVER_PATH_PREFIX_git/ "_GIT_HTTP_BACKEND_" |
||||
<Location _SERVER_PATH_PREFIX_git/> |
||||
ErrorDocument 401 default |
||||
ErrorDocument 403 default |
||||
ErrorDocument 404 default |
||||
|
||||
AuthType Basic |
||||
AuthName "OpenProject GIT" |
||||
Require valid-user |
||||
|
||||
<IfModule !mod_authz_core.c> |
||||
Order deny,allow |
||||
Allow from all |
||||
</IfModule> |
||||
|
||||
PerlAccessHandler Apache::OpenProjectAuthentication::access_handler |
||||
PerlAuthenHandler Apache::OpenProjectAuthentication::authen_handler |
||||
|
||||
OpenProjectGitSmartHttp yes |
||||
OpenProjectUrl '_APP_URI_' |
||||
OpenProjectApiKey '_APP_API_KEY_' |
||||
</Location> |
@ -0,0 +1,24 @@ |
||||
ProxyPass _SERVER_PATH_PREFIX_repoman_svn ! |
||||
|
||||
<Location _SERVER_PATH_PREFIX_repoman_svn> |
||||
SetHandler perl-script |
||||
|
||||
<IfModule mod_authz_core.c> |
||||
Require local |
||||
</IfModule> |
||||
|
||||
<IfModule !mod_authz_core.c> |
||||
Order Deny,Allow |
||||
Deny from all |
||||
Allow from 127.0.0.1 ::1 localhost |
||||
</IfModule> |
||||
|
||||
# Sets the access token secret to check against |
||||
AccessSecret "_REPOMAN_ACCESS_TOKEN_" |
||||
|
||||
# Configure pairs of (vendor, path) to the wrapper |
||||
PerlAddVar ScmVendorPaths "subversion" |
||||
PerlAddVar ScmVendorPaths "_SVN_REPOSITORIES_" |
||||
|
||||
PerlResponseHandler Apache::OpenProjectRepoman |
||||
</Location> |
@ -0,0 +1,33 @@ |
||||
ProxyPass _SERVER_PATH_PREFIX_svn/ ! |
||||
|
||||
<Location _SERVER_PATH_PREFIX_svn/> |
||||
ErrorDocument 401 default |
||||
ErrorDocument 403 default |
||||
ErrorDocument 404 default |
||||
|
||||
DAV svn |
||||
SVNParentPath "_SVN_REPOSITORIES_" |
||||
|
||||
# Avoid listing available repositories |
||||
SVNListParentPath Off |
||||
|
||||
# Avoid path-based authorization |
||||
SVNPathAuthz Off |
||||
|
||||
<IfModule !mod_authz_core.c> |
||||
Order deny,allow |
||||
Allow from all |
||||
</IfModule> |
||||
|
||||
DirectorySlash Off |
||||
|
||||
AuthType Basic |
||||
AuthName "OpenProject SVN" |
||||
Require valid-user |
||||
|
||||
PerlAccessHandler Apache::OpenProjectAuthentication::access_handler |
||||
PerlAuthenHandler Apache::OpenProjectAuthentication::authen_handler |
||||
|
||||
OpenProjectUrl '_APP_URI_' |
||||
OpenProjectApiKey '_APP_API_KEY_' |
||||
</Location> |
@ -0,0 +1,45 @@ |
||||
Template: repositories/svn-install |
||||
Type: select |
||||
Choices: skip, install |
||||
Translations: Skip, Install Subversion repository support |
||||
Default: skip |
||||
Description: Do you want to use this wizard to setup Subversion repositories support for _APP_NAME_? |
||||
We can automatically set up to create and host Subversion repositories using Apache. |
||||
. |
||||
If you choose NOT to use this wizard, you will have to manually setup Subversion support if you decide to use it at some later point. |
||||
|
||||
Template: repositories/git-install |
||||
Type: select |
||||
Choices: skip, install |
||||
Translations: Skip, Install Git repository support |
||||
Default: skip |
||||
Description: Do you want to use this wizard to setup Git repositories support for _APP_NAME_? |
||||
We can automatically set up to create and host Git repositories using Apache. |
||||
. |
||||
If you choose NOT to use this wizard, you will have to manually setup Git support if you decide to use it at some later point. |
||||
|
||||
Template: repositories/svn-path |
||||
Type: string |
||||
Default: /var/db/_APP_NAME_/svn |
||||
Description: Enter the path to the directory that hosts the SVN repositories: |
||||
|
||||
Template: repositories/git-path |
||||
Type: string |
||||
Default: /var/db/_APP_NAME_/git |
||||
Description: Enter the path to the directory that hosts the Git repositories: |
||||
|
||||
Template: repositories/git-http-backend |
||||
Type: string |
||||
Default: /usr/lib/git-core/git-http-backend/ |
||||
Description: Enter the path to the git http backend CGI directory. |
||||
Please note that the trailing slash is mandatory. |
||||
|
||||
Template: repositories/api-key |
||||
Type: string |
||||
Description: Enter the API key used to communicate with _APP_NAME_: |
||||
For the repository integration to work, an API key is required. |
||||
|
||||
Template: repositories/apache-wrapper-token |
||||
Type: string |
||||
Description: Enter the access key used to communicate repository changes with the Apache webserver: |
||||
For the repository integration of Subversion to work, this access key is required. |
Loading…
Reference in new issue