From a6e9be59b83167b8a28e68351c04553b2d10ab6d Mon Sep 17 00:00:00 2001 From: Emmanuel Viennet Date: Wed, 25 Aug 2021 18:15:03 +0200 Subject: [PATCH] Peaufine script config --- app/scodoc/notes_log.py | 4 +++- tools/configure-scodoc9.sh | 41 +++++++++++++++++++++++++++++++++++--- 2 files changed, 41 insertions(+), 4 deletions(-) mode change 100644 => 100755 tools/configure-scodoc9.sh diff --git a/app/scodoc/notes_log.py b/app/scodoc/notes_log.py index 67ae317c..07813734 100644 --- a/app/scodoc/notes_log.py +++ b/app/scodoc/notes_log.py @@ -15,7 +15,9 @@ from flask import g, current_app """ LOG_FILENAME = "notes.log" # empty to disable logging -DEFAULT_LOG_DIR = "/tmp" # clients should call set_log_directory to change this +DEFAULT_LOG_DIR = ( + "/opt/scodoc-data/log" # clients should call set_log_directory to change this +) ALARM_DESTINATION = "emmanuel.viennet@gmail.com" # XXX a mettre en preference diff --git a/tools/configure-scodoc9.sh b/tools/configure-scodoc9.sh old mode 100644 new mode 100755 index 01a4fd24..e4322deb --- a/tools/configure-scodoc9.sh +++ b/tools/configure-scodoc9.sh @@ -14,6 +14,26 @@ source "$SCRIPT_DIR/utils.sh" cd /opt/scodoc || die "Error: chdir to /opt/scodoc" +# ------------ VERIF SYSTEME + +if [ -e /etc/debian_version ] +then + debian_version=$(cat /etc/debian_version) + debian_version=${debian_version%%.*} + echo "Detected Debian version: ${debian_version}" + if [ "$debian_version" != "11" ] + then + echo "Erreur: version Linux Debian incompatible" + echo "Utiliser un système Debian Bullseye (11)" + echo + exit 1 + fi +else + echo "can't detect Debian version" + exit 1 +fi +echo "--- Configuration de ScoDoc pour Debian 11" + # ------------ CONFIG FIREWALL OPTIONNELLE echo echo "Le firewall aide a proteger votre serveur d'intrusions indesirables." @@ -26,9 +46,12 @@ then ufw default deny incoming ufw default allow outgoing ufw allow ssh + ufw allow http ufw allow https yes | ufw enable + echo echo "firewall ufw activé." + echo fi # ------------ CONFIG NGINX @@ -45,7 +68,6 @@ if [ "$(norm_ans "$ans")" != 'N' ] then # génération des certifs: cert.pem key.pem dans /opt/scodoc-data/certs/ su -c "(cd $SCODOC_VAR_DIR && mkdir -p certs && openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -keyout certs/key.pem -out certs/cert.pem)" "$SCODOC_USER" - systemctl restart nginx fi # ------------ CREATION ENVIRONNEMENT @@ -79,6 +101,12 @@ EOF echo fi +# ------------ VERIFICATIONS DES REPERTOIRES ET DROITS +# déjà fait par le postinst, mais certaines fausses manips de nos utilisateurs +# ont pu changer ça: +set_scodoc_var_dir +change_scodoc_file_ownership + # ------------ CREATION BASE DE DONNEES echo echo "Voulez-vous créer la base SQL SCODOC ?" @@ -89,12 +117,19 @@ read -r ans if [ "$(norm_ans "$ans")" != 'N' ] then # on ne créée pas les bases TEST et DEV - su -c "/opt/scodoc/tools/create_database.sh SCODOC" || die "Erreur: create_database.sh SCODOC" + su -c "/opt/scodoc/tools/create_database.sh SCODOC" "$SCODOC_USER" || die "Erreur: create_database.sh SCODOC" echo "base SCODOC créée." # ------------ INITIALISATION BASE DE DONNEES - su -c "(cd /opt/scodoc; source venv/bin/activate; flask db-init; flask user-password admin)" || die "Erreur: db-init" + echo + echo "Création des tables et du compte admin" + echo + su -c "(cd /opt/scodoc; source venv/bin/activate; flask db-init; flask user-password admin)" "$SCODOC_USER" || die "Erreur: db-init" + echo + echo "base initialisée et admin créé." + echo fi +# ------------ LANCEMENT DES SERVICES systemctl start redis systemctl start scodoc9