rcal_install.sh
· 5.1 KiB · Bash
Raw
# radicale.install:
# https://radicale.org/v3.html
# docker-radicale: Docker image for Radicale calendar and contact server - https://github.com/tomsquest/docker-radicale
# - How to use sed to remove all double quotes within a file - Stack Overflow - https://stackoverflow.com/questions/7635807/how-to-use-sed-to-remove-all-double-quotes-within-a-file
alias rcal.install="radicale.install"
alias ical.install="radicale.install"
radicale.install(){
# Config vars #
app_domain="${1:-"cal.$org_domain"}"
app_user="${2:-"op"}" # Company domain name
app_name="rcal"
app_path="/data/${app_name}"
#app_version="0.2.0"
app_port="5232"
app_config="$app_path/config/config"
app_password=""
vault="/data/.vault/"
data_path="$app_path/${app_name}_data"
PUID="$(id -u)"
PGID="$(id -g)"
# Setup paths #
mkdir -p "$app_path/config"
echo cd "$app_path"
cd "$app_path"
if [ ! $? == "0" ];then
err "Failed to cd \"$app_path\""
return 1
fi
# Vault app password
if [[ ! -e "$vault/$app_name" ]];then
# if empty then create password
app_password="$(openssl rand -base64 32 | tr -cd "[:alnum:]")"
echo "$app_password" > "$vault/$app_name"
fi
app_password="$(cat "$vault/$app_name")"
# Install App 3 #
echo git clone https://github.com/tomsquest/docker-radicale
git clone https://github.com/tomsquest/docker-radicale
cd ./docker-radicale
if [ ! $? == "0" ];then
err "Failed to cd \"$app_path\""
return 1
fi
# Reset and Update docker-radicale
echo git reset --hard origin
git reset --hard origin
echo git pull
git pull
# if file does not exists
if [[ ! -e "$app_path/config/config-example" ]];then
# not exists
echo cp --no-clobber "$app_path/docker-radicale/config" "$app_path/config/config-example"
cp --no-clobber "$app_path/docker-radicale/config" "$app_path/config/config-example"
fi
# Setup User Password
if [[ ! -e "$app_path/config/users" ]];then
# Create User
touch "$app_path/config/users"
echo htpasswd "$app_path/config/users" op
htpasswd "$app_path/config/users" op
fi
# Setup Server Cert
if [[ ! -e "$app_path/config/server_cert.pem" ]];then
# Create Server Cert
echo openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/server_key.pem" -out "$app_path/config/server_cert.pem" -nodes -days 9999
openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/server_key.pem" -out "$app_path/config/server_cert.pem" -nodes -days 9999
echo openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/client_key.pem" -out "$app_path/config/client_cert.pem" -nodes -days 9999
openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/client_key.pem" -out "$app_path/config/client_cert.pem" -nodes -days 9999
fi
echo chmod 644 "$app_path/config/"*.pem
chmod 644 "$app_path/config/"*.pem
#if [[ ! -e "$app_config" ]];then
rm "$app_config"
touch "$app_config"
dasel put -r toml -w toml -t string -f "$app_config" "server.hosts" -v "0.0.0.0:5232"
dasel put -r toml -w toml -t bool -f "$app_config" "server.ssl" -v "false"
dasel put -r toml -w toml -t string -f "$app_config" "server.certificate" -v "/config/server_cert.pem"
dasel put -r toml -w toml -t string -f "$app_config" "server.key" -v "/config/server_key.pem"
dasel put -r toml -w toml -t string -f "$app_config" "auth.type" -v "htpasswd"
dasel put -r toml -w toml -t string -f "$app_config" "auth.htpasswd_filename" -v "/config/users"
dasel put -r toml -w toml -t string -f "$app_config" "auth.htpasswd_encryption" -v "md5"
dasel put -r toml -w toml -t string -f "$app_config" "storage.filesystem_folder" -v "/data/collections"
dasel put -r toml -w toml -t string -f "$app_config" "web.type" -v "internal"
dasel put -r toml -w toml -t string -f "$app_config" "logging.level" -v "warning"
dasel put -r toml -w toml -t bool -f "$app_config" "logging.mask_passwords" -v "true"
dasel put -r toml -w toml -t string -f "$app_config" "headers.Access-Control-Allow-Origin" -v "*"
# Radicale config is not TOML compatable
# Quick Fix: Remove double quotes
sed -i 's/\"//g' "$app_config"
#echo cat "$app_config"
#cat "$app_config"
#fi
# Create folder $data_path
echo sudo mkdir -p "$data_path"
sudo mkdir -p "$data_path"
# Set permissions $data_path
#echo sudo chown -R 1000:1000 "$data_path"
#sudo chown -R 1000:1000 "$data_path"
# Contain App. Write docker-compose config. 4
sudo tee "./docker-compose.yml" > /dev/null <<EOF
services:
$app_name:
image: tomsquest/docker-radicale
container_name: $app_name-$(hostname)
user: "$PUID:$PGID"
environment:
- PUID=$PUID
- PGID=$PGID
- USER_UID=$PUID
- USER_GID=$PGID
ports:
- $app_port:5232
init: true
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
cap_add:
- SETUID
- SETGID
- CHOWN
- KILL
healthcheck:
test: curl -f https://$org_domain || exit 1
interval: 30s
retries: 3
restart: always
volumes:
- "$data_path:/data:rw"
- "$app_path/config:/config:rw"
EOF
echo web $app_path
echo cat ./docker-compose.yml
cat ./docker-compose.yml
# Run App. LIVE!
echo Running $app_name docker container in the background.
echo sudo docker-compose up -d
sudo docker-compose up -d
echo https://$(host.ip):$app_port
}
# ---
| 1 | # radicale.install: |
| 2 | # https://radicale.org/v3.html |
| 3 | # docker-radicale: Docker image for Radicale calendar and contact server - https://github.com/tomsquest/docker-radicale |
| 4 | # - How to use sed to remove all double quotes within a file - Stack Overflow - https://stackoverflow.com/questions/7635807/how-to-use-sed-to-remove-all-double-quotes-within-a-file |
| 5 | alias rcal.install="radicale.install" |
| 6 | alias ical.install="radicale.install" |
| 7 | radicale.install(){ |
| 8 | |
| 9 | # Config vars # |
| 10 | app_domain="${1:-"cal.$org_domain"}" |
| 11 | app_user="${2:-"op"}" # Company domain name |
| 12 | app_name="rcal" |
| 13 | app_path="/data/${app_name}" |
| 14 | #app_version="0.2.0" |
| 15 | app_port="5232" |
| 16 | app_config="$app_path/config/config" |
| 17 | app_password="" |
| 18 | vault="/data/.vault/" |
| 19 | data_path="$app_path/${app_name}_data" |
| 20 | PUID="$(id -u)" |
| 21 | PGID="$(id -g)" |
| 22 | |
| 23 | |
| 24 | # Setup paths # |
| 25 | mkdir -p "$app_path/config" |
| 26 | |
| 27 | echo cd "$app_path" |
| 28 | cd "$app_path" |
| 29 | if [ ! $? == "0" ];then |
| 30 | err "Failed to cd \"$app_path\"" |
| 31 | return 1 |
| 32 | fi |
| 33 | |
| 34 | # Vault app password |
| 35 | if [[ ! -e "$vault/$app_name" ]];then |
| 36 | # if empty then create password |
| 37 | app_password="$(openssl rand -base64 32 | tr -cd "[:alnum:]")" |
| 38 | echo "$app_password" > "$vault/$app_name" |
| 39 | fi |
| 40 | app_password="$(cat "$vault/$app_name")" |
| 41 | |
| 42 | |
| 43 | # Install App 3 # |
| 44 | echo git clone https://github.com/tomsquest/docker-radicale |
| 45 | git clone https://github.com/tomsquest/docker-radicale |
| 46 | cd ./docker-radicale |
| 47 | if [ ! $? == "0" ];then |
| 48 | err "Failed to cd \"$app_path\"" |
| 49 | return 1 |
| 50 | fi |
| 51 | |
| 52 | # Reset and Update docker-radicale |
| 53 | echo git reset --hard origin |
| 54 | git reset --hard origin |
| 55 | echo git pull |
| 56 | git pull |
| 57 | |
| 58 | # if file does not exists |
| 59 | if [[ ! -e "$app_path/config/config-example" ]];then |
| 60 | # not exists |
| 61 | echo cp --no-clobber "$app_path/docker-radicale/config" "$app_path/config/config-example" |
| 62 | cp --no-clobber "$app_path/docker-radicale/config" "$app_path/config/config-example" |
| 63 | fi |
| 64 | |
| 65 | |
| 66 | # Setup User Password |
| 67 | if [[ ! -e "$app_path/config/users" ]];then |
| 68 | # Create User |
| 69 | touch "$app_path/config/users" |
| 70 | echo htpasswd "$app_path/config/users" op |
| 71 | htpasswd "$app_path/config/users" op |
| 72 | fi |
| 73 | |
| 74 | # Setup Server Cert |
| 75 | if [[ ! -e "$app_path/config/server_cert.pem" ]];then |
| 76 | # Create Server Cert |
| 77 | echo openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/server_key.pem" -out "$app_path/config/server_cert.pem" -nodes -days 9999 |
| 78 | openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/server_key.pem" -out "$app_path/config/server_cert.pem" -nodes -days 9999 |
| 79 | |
| 80 | echo openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/client_key.pem" -out "$app_path/config/client_cert.pem" -nodes -days 9999 |
| 81 | openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/client_key.pem" -out "$app_path/config/client_cert.pem" -nodes -days 9999 |
| 82 | fi |
| 83 | |
| 84 | echo chmod 644 "$app_path/config/"*.pem |
| 85 | chmod 644 "$app_path/config/"*.pem |
| 86 | |
| 87 | |
| 88 | #if [[ ! -e "$app_config" ]];then |
| 89 | |
| 90 | rm "$app_config" |
| 91 | touch "$app_config" |
| 92 | dasel put -r toml -w toml -t string -f "$app_config" "server.hosts" -v "0.0.0.0:5232" |
| 93 | dasel put -r toml -w toml -t bool -f "$app_config" "server.ssl" -v "false" |
| 94 | dasel put -r toml -w toml -t string -f "$app_config" "server.certificate" -v "/config/server_cert.pem" |
| 95 | dasel put -r toml -w toml -t string -f "$app_config" "server.key" -v "/config/server_key.pem" |
| 96 | dasel put -r toml -w toml -t string -f "$app_config" "auth.type" -v "htpasswd" |
| 97 | dasel put -r toml -w toml -t string -f "$app_config" "auth.htpasswd_filename" -v "/config/users" |
| 98 | dasel put -r toml -w toml -t string -f "$app_config" "auth.htpasswd_encryption" -v "md5" |
| 99 | dasel put -r toml -w toml -t string -f "$app_config" "storage.filesystem_folder" -v "/data/collections" |
| 100 | dasel put -r toml -w toml -t string -f "$app_config" "web.type" -v "internal" |
| 101 | dasel put -r toml -w toml -t string -f "$app_config" "logging.level" -v "warning" |
| 102 | dasel put -r toml -w toml -t bool -f "$app_config" "logging.mask_passwords" -v "true" |
| 103 | dasel put -r toml -w toml -t string -f "$app_config" "headers.Access-Control-Allow-Origin" -v "*" |
| 104 | |
| 105 | |
| 106 | # Radicale config is not TOML compatable |
| 107 | # Quick Fix: Remove double quotes |
| 108 | sed -i 's/\"//g' "$app_config" |
| 109 | |
| 110 | #echo cat "$app_config" |
| 111 | #cat "$app_config" |
| 112 | |
| 113 | #fi |
| 114 | |
| 115 | |
| 116 | # Create folder $data_path |
| 117 | echo sudo mkdir -p "$data_path" |
| 118 | sudo mkdir -p "$data_path" |
| 119 | |
| 120 | # Set permissions $data_path |
| 121 | #echo sudo chown -R 1000:1000 "$data_path" |
| 122 | #sudo chown -R 1000:1000 "$data_path" |
| 123 | |
| 124 | # Contain App. Write docker-compose config. 4 |
| 125 | sudo tee "./docker-compose.yml" > /dev/null <<EOF |
| 126 | services: |
| 127 | $app_name: |
| 128 | image: tomsquest/docker-radicale |
| 129 | container_name: $app_name-$(hostname) |
| 130 | user: "$PUID:$PGID" |
| 131 | environment: |
| 132 | - PUID=$PUID |
| 133 | - PGID=$PGID |
| 134 | - USER_UID=$PUID |
| 135 | - USER_GID=$PGID |
| 136 | ports: |
| 137 | - $app_port:5232 |
| 138 | init: true |
| 139 | read_only: true |
| 140 | security_opt: |
| 141 | - no-new-privileges:true |
| 142 | cap_drop: |
| 143 | - ALL |
| 144 | cap_add: |
| 145 | - SETUID |
| 146 | - SETGID |
| 147 | - CHOWN |
| 148 | - KILL |
| 149 | healthcheck: |
| 150 | test: curl -f https://$org_domain || exit 1 |
| 151 | interval: 30s |
| 152 | retries: 3 |
| 153 | restart: always |
| 154 | volumes: |
| 155 | - "$data_path:/data:rw" |
| 156 | - "$app_path/config:/config:rw" |
| 157 | EOF |
| 158 | |
| 159 | echo web $app_path |
| 160 | |
| 161 | echo cat ./docker-compose.yml |
| 162 | cat ./docker-compose.yml |
| 163 | |
| 164 | # Run App. LIVE! |
| 165 | echo Running $app_name docker container in the background. |
| 166 | echo sudo docker-compose up -d |
| 167 | sudo docker-compose up -d |
| 168 | |
| 169 | echo https://$(host.ip):$app_port |
| 170 | |
| 171 | |
| 172 | } |
| 173 | # --- |