Z revisou este gist . Ir para a revisão
Sem alterações
z revisou este gist . Ir para a revisão
Sem alterações
z revisou este gist . Ir para a revisão
1 file changed, 173 insertions
rcal_install.sh(arquivo criado)
| @@ -0,0 +1,173 @@ | |||
| 1 | + | # radicale.install: | |
| 2 | + | # https://radicale.org/v3.html | |
| 3 | + | # docker-radicale: Docker image for Radicale calendar and contact server - https://github.com/tomsquest/docker-radicale | |
| 4 | + | # - How to use sed to remove all double quotes within a file - Stack Overflow - https://stackoverflow.com/questions/7635807/how-to-use-sed-to-remove-all-double-quotes-within-a-file | |
| 5 | + | alias rcal.install="radicale.install" | |
| 6 | + | alias ical.install="radicale.install" | |
| 7 | + | radicale.install(){ | |
| 8 | + | ||
| 9 | + | # Config vars # | |
| 10 | + | app_domain="${1:-"cal.$org_domain"}" | |
| 11 | + | app_user="${2:-"op"}" # Company domain name | |
| 12 | + | app_name="rcal" | |
| 13 | + | app_path="/data/${app_name}" | |
| 14 | + | #app_version="0.2.0" | |
| 15 | + | app_port="5232" | |
| 16 | + | app_config="$app_path/config/config" | |
| 17 | + | app_password="" | |
| 18 | + | vault="/data/.vault/" | |
| 19 | + | data_path="$app_path/${app_name}_data" | |
| 20 | + | PUID="$(id -u)" | |
| 21 | + | PGID="$(id -g)" | |
| 22 | + | ||
| 23 | + | ||
| 24 | + | # Setup paths # | |
| 25 | + | mkdir -p "$app_path/config" | |
| 26 | + | ||
| 27 | + | echo cd "$app_path" | |
| 28 | + | cd "$app_path" | |
| 29 | + | if [ ! $? == "0" ];then | |
| 30 | + | err "Failed to cd \"$app_path\"" | |
| 31 | + | return 1 | |
| 32 | + | fi | |
| 33 | + | ||
| 34 | + | # Vault app password | |
| 35 | + | if [[ ! -e "$vault/$app_name" ]];then | |
| 36 | + | # if empty then create password | |
| 37 | + | app_password="$(openssl rand -base64 32 | tr -cd "[:alnum:]")" | |
| 38 | + | echo "$app_password" > "$vault/$app_name" | |
| 39 | + | fi | |
| 40 | + | app_password="$(cat "$vault/$app_name")" | |
| 41 | + | ||
| 42 | + | ||
| 43 | + | # Install App 3 # | |
| 44 | + | echo git clone https://github.com/tomsquest/docker-radicale | |
| 45 | + | git clone https://github.com/tomsquest/docker-radicale | |
| 46 | + | cd ./docker-radicale | |
| 47 | + | if [ ! $? == "0" ];then | |
| 48 | + | err "Failed to cd \"$app_path\"" | |
| 49 | + | return 1 | |
| 50 | + | fi | |
| 51 | + | ||
| 52 | + | # Reset and Update docker-radicale | |
| 53 | + | echo git reset --hard origin | |
| 54 | + | git reset --hard origin | |
| 55 | + | echo git pull | |
| 56 | + | git pull | |
| 57 | + | ||
| 58 | + | # if file does not exists | |
| 59 | + | if [[ ! -e "$app_path/config/config-example" ]];then | |
| 60 | + | # not exists | |
| 61 | + | echo cp --no-clobber "$app_path/docker-radicale/config" "$app_path/config/config-example" | |
| 62 | + | cp --no-clobber "$app_path/docker-radicale/config" "$app_path/config/config-example" | |
| 63 | + | fi | |
| 64 | + | ||
| 65 | + | ||
| 66 | + | # Setup User Password | |
| 67 | + | if [[ ! -e "$app_path/config/users" ]];then | |
| 68 | + | # Create User | |
| 69 | + | touch "$app_path/config/users" | |
| 70 | + | echo htpasswd "$app_path/config/users" op | |
| 71 | + | htpasswd "$app_path/config/users" op | |
| 72 | + | fi | |
| 73 | + | ||
| 74 | + | # Setup Server Cert | |
| 75 | + | if [[ ! -e "$app_path/config/server_cert.pem" ]];then | |
| 76 | + | # Create Server Cert | |
| 77 | + | echo openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/server_key.pem" -out "$app_path/config/server_cert.pem" -nodes -days 9999 | |
| 78 | + | openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/server_key.pem" -out "$app_path/config/server_cert.pem" -nodes -days 9999 | |
| 79 | + | ||
| 80 | + | echo openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/client_key.pem" -out "$app_path/config/client_cert.pem" -nodes -days 9999 | |
| 81 | + | openssl req -x509 -newkey rsa:4096 -keyout "$app_path/config/client_key.pem" -out "$app_path/config/client_cert.pem" -nodes -days 9999 | |
| 82 | + | fi | |
| 83 | + | ||
| 84 | + | echo chmod 644 "$app_path/config/"*.pem | |
| 85 | + | chmod 644 "$app_path/config/"*.pem | |
| 86 | + | ||
| 87 | + | ||
| 88 | + | #if [[ ! -e "$app_config" ]];then | |
| 89 | + | ||
| 90 | + | rm "$app_config" | |
| 91 | + | touch "$app_config" | |
| 92 | + | dasel put -r toml -w toml -t string -f "$app_config" "server.hosts" -v "0.0.0.0:5232" | |
| 93 | + | dasel put -r toml -w toml -t bool -f "$app_config" "server.ssl" -v "false" | |
| 94 | + | dasel put -r toml -w toml -t string -f "$app_config" "server.certificate" -v "/config/server_cert.pem" | |
| 95 | + | dasel put -r toml -w toml -t string -f "$app_config" "server.key" -v "/config/server_key.pem" | |
| 96 | + | dasel put -r toml -w toml -t string -f "$app_config" "auth.type" -v "htpasswd" | |
| 97 | + | dasel put -r toml -w toml -t string -f "$app_config" "auth.htpasswd_filename" -v "/config/users" | |
| 98 | + | dasel put -r toml -w toml -t string -f "$app_config" "auth.htpasswd_encryption" -v "md5" | |
| 99 | + | dasel put -r toml -w toml -t string -f "$app_config" "storage.filesystem_folder" -v "/data/collections" | |
| 100 | + | dasel put -r toml -w toml -t string -f "$app_config" "web.type" -v "internal" | |
| 101 | + | dasel put -r toml -w toml -t string -f "$app_config" "logging.level" -v "warning" | |
| 102 | + | dasel put -r toml -w toml -t bool -f "$app_config" "logging.mask_passwords" -v "true" | |
| 103 | + | dasel put -r toml -w toml -t string -f "$app_config" "headers.Access-Control-Allow-Origin" -v "*" | |
| 104 | + | ||
| 105 | + | ||
| 106 | + | # Radicale config is not TOML compatable | |
| 107 | + | # Quick Fix: Remove double quotes | |
| 108 | + | sed -i 's/\"//g' "$app_config" | |
| 109 | + | ||
| 110 | + | #echo cat "$app_config" | |
| 111 | + | #cat "$app_config" | |
| 112 | + | ||
| 113 | + | #fi | |
| 114 | + | ||
| 115 | + | ||
| 116 | + | # Create folder $data_path | |
| 117 | + | echo sudo mkdir -p "$data_path" | |
| 118 | + | sudo mkdir -p "$data_path" | |
| 119 | + | ||
| 120 | + | # Set permissions $data_path | |
| 121 | + | #echo sudo chown -R 1000:1000 "$data_path" | |
| 122 | + | #sudo chown -R 1000:1000 "$data_path" | |
| 123 | + | ||
| 124 | + | # Contain App. Write docker-compose config. 4 | |
| 125 | + | sudo tee "./docker-compose.yml" > /dev/null <<EOF | |
| 126 | + | services: | |
| 127 | + | $app_name: | |
| 128 | + | image: tomsquest/docker-radicale | |
| 129 | + | container_name: $app_name-$(hostname) | |
| 130 | + | user: "$PUID:$PGID" | |
| 131 | + | environment: | |
| 132 | + | - PUID=$PUID | |
| 133 | + | - PGID=$PGID | |
| 134 | + | - USER_UID=$PUID | |
| 135 | + | - USER_GID=$PGID | |
| 136 | + | ports: | |
| 137 | + | - $app_port:5232 | |
| 138 | + | init: true | |
| 139 | + | read_only: true | |
| 140 | + | security_opt: | |
| 141 | + | - no-new-privileges:true | |
| 142 | + | cap_drop: | |
| 143 | + | - ALL | |
| 144 | + | cap_add: | |
| 145 | + | - SETUID | |
| 146 | + | - SETGID | |
| 147 | + | - CHOWN | |
| 148 | + | - KILL | |
| 149 | + | healthcheck: | |
| 150 | + | test: curl -f https://$org_domain || exit 1 | |
| 151 | + | interval: 30s | |
| 152 | + | retries: 3 | |
| 153 | + | restart: always | |
| 154 | + | volumes: | |
| 155 | + | - "$data_path:/data:rw" | |
| 156 | + | - "$app_path/config:/config:rw" | |
| 157 | + | EOF | |
| 158 | + | ||
| 159 | + | echo web $app_path | |
| 160 | + | ||
| 161 | + | echo cat ./docker-compose.yml | |
| 162 | + | cat ./docker-compose.yml | |
| 163 | + | ||
| 164 | + | # Run App. LIVE! | |
| 165 | + | echo Running $app_name docker container in the background. | |
| 166 | + | echo sudo docker-compose up -d | |
| 167 | + | sudo docker-compose up -d | |
| 168 | + | ||
| 169 | + | echo https://$(host.ip):$app_port | |
| 170 | + | ||
| 171 | + | ||
| 172 | + | } | |
| 173 | + | # --- | |
Próximo
Anterior