external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2026-03-04 15:54:48 +01:00
Code Issues Releases Wiki Activity

Move system-setup directory to tests

Browse Source 
Set the hosts FQDN instead of adding hosts entry for private ip
This commit is contained in:
downtownallday
2020-06-10 11:40:44 -04:00
parent 96da15ad27
commit ab087365c4
4 changed files with 104 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

227
tests/system-setup/remote-nextcloud-docker.sh Executable file
View File

@@ -0,0 +1,227 @@
#!/bin/bash
# setup MiaB-LDAP with a remote Nextcloud running on the same
# host under Docker exposed as localhost:8000
#
# to use:
# on a fresh Ubuntu:
# 1. checkout or copy the MiaB-LDAP code to ~/mailinabox
# 2. cd ~/mailinabox
# 3. sudo tests/system-setup/remote-nextcloud-docker.sh
#
# when complete you should have a working MiaB-LDAP and Nextcloud
#
# You can access MiaB-LDAP using your browser to the Ubuntu system in
# the normal way, (eg: https://<ubuntu-box>/admin).
#
# Nextcloud is running under Docker on the ubuntu box, so to access it
# you'll first need to ssh into the ubuntu box with port-forrwarding
# enabled.
#
# eg: ssh -L 8000:localhost:8000 user@<ubuntu-box>
#
# Then, in your browser visit http://localhost:8000/.
#
# See setup-defaults.sh for usernames and passwords.
#
usage() {
echo "Usage: $(basename "$0") [\"before-miab-install\"|\"miab-install\"|\"after-miab-install\"]"
echo "Install MiaB-LDAP and a remote Nextcloud running under docker exposed as localhost:8000"
echo "With no arguments, all three stages are run."
exit 1
}
# ensure working directory
if [ ! -d "tests/system-setup" ]; then
echo "This script must be run from the MiaB root directory"
exit 1
fi
# load helper scripts
. "tests/system-setup/setup-defaults.sh" \
|| die "Could not load setup-defaults"
. "tests/system-setup/setup-funcs.sh" \
|| die "Could not load setup-funcs"
# ensure running as root
if [ "$EUID" != "0" ]; then
die "This script must be run as root (sudo)"
fi
before_miab_install() {
H1 "BEFORE MIAB-LDAP INSTALL"
H2 "Update /etc/hosts"
#update_hosts_for_private_ip || die "Could not update /etc/hosts"
set_system_hostname || die "Could not set hostname"
# update system time
H2 "Set system time"
update_system_time || echo "Ignoring error..."
# update package lists before installing anything
H2 "apt-get update"
wait_for_apt
apt-get update -qq || die "apt-get update failed!"
# upgrade packages - if we don't do this and something like bind
# is upgraded through automatic upgrades (because maybe MiaB was
# previously installed), it may cause problems with the rest of
# the setup, such as with name resolution failures
if is_false "$TRAVIS"; then
H2 "apt-get upgrade"
wait_for_apt
apt-get upgrade -qq || die "apt-get upgrade failed!"
fi
# install prerequisites
H2 "QA prerequisites"
install_qa_prerequisites || die "Error installing QA prerequisites"
# enable the remote Nextcloud setup mod, which tells MiaB-LDAP to use
# the remote Nextcloud for calendar and contacts instead of the
# MiaB-installed one
H2 "Create setup/mods.d/remote-nextcloud.sh symbolic link"
if [ ! -e "setup/mods.d/remote-nextcloud.sh" ]; then
ln -s "../mods.available/remote-nextcloud.sh" "setup/mods.d/remote-nextcloud.sh" || die "Could not create remote-nextcloud.sh symlink"
fi
# install Docker
H2 "Install Docker"
install_docker || die "Could not install Docker! ($?)"
}
miab_install() {
H1 "MIAB-LDAP INSTALL"
if ! setup/start.sh; then
H1 "OUTPUT OF SELECT FILES"
dump_log "/var/log/syslog" 100
dump_conf_files "$TRAVIS"
H2; H2 "End"; H2
die "setup/start.sh failed!"
fi
H1 "OUTPUT OF SELECT FILES"
dump_conf_files "$TRAVIS"
H2; H2 "End"; H2
}
after_miab_install() {
H1 "AFTER MIAB-LDAP INSTALL"
. /etc/mailinabox.conf || die "Could not load /etc/mailinabox.conf"
# run Nextcloud docker image
H2 "Start Nextcloud docker container"
docker run -d --name NC -p 8000:80 \
--env SQLITE_DATABASE=nextclouddb.sqlite \
--env NEXTCLOUD_ADMIN_USER="$NC_ADMIN_USER" \
--env NEXTCLOUD_ADMIN_PASSWORD="$NC_ADMIN_PASSWORD" \
--env NEXTCLOUD_TRUSTED_DOMAINS="127.0.0.1 ::1" \
--env NEXTCLOUD_UPDATE=1 \
--env SMTP_HOST="$PRIMARY_HOSTNAME" \
--env SMTP_SECURE="tls" \
--env SMTP_PORT=587 \
--env SMTP_AUTHTYPE="LOGIN" \
--env SMTP_NAME="$EMAIL_ADDR" \
--env SMTP_PASSWORD="$EMAIL_PW" \
--env SMTP_FROM_ADDRESS="$(awk -F@ '{print $1}' <<< "$EMAIL_ADDR")" \
--env MAIL_DOMAIN="$(awk -F@ '{print $2}' <<< "$EMAIL_ADDR")" \
nextcloud:latest \
|| die "Docker run failed!"
H2 "docker: Update /etc/hosts so it can find MiaB-LDAP by name"
echo "$PRIVATE_IP $PRIMARY_HOSTNAME" | \
docker exec -i NC bash -c 'cat >>/etc/hosts' \
|| die "docker: could not update /etc/hosts"
# apt-get update
H2 "docker: apt-get update"
docker exec NC apt-get update || die "docker: apt-get update failed"
# allow LDAP access from docker image
H2 "Allow ldaps through firewall so Nextcloud can perform LDAP searches"
ufw allow ldaps || die "Unable to modify firewall to permit ldaps"
# add MiaB-LDAP's ca_certificate.pem to docker's trusted cert list
H2 "docker: update trusted CA list"
docker cp \
$STORAGE_ROOT/ssl/ca_certificate.pem \
NC:/usr/local/share/ca-certificates/mailinabox.crt \
|| die "docker: copy ca_certificate.pem failed"
docker exec NC update-ca-certificates \
|| die "docker: update-ca-certificates failed"
# wait for Nextcloud installation to complete
H2 "Wait for Nextcloud installation to complete"
echo -n "Waiting ..."
local count=0
while true; do
if [ $count -ge 10 ]; then
echo "FAILED"
die "Giving up"
fi
sleep 6
let count+=1
if [ $(docker exec NC php -n -r "include 'config/config.php'; print \$CONFIG['installed']?'true':'false';") == "true" ]; then
echo "ok"
break
fi
echo -n "${count}..."
done
# install and enable Nextcloud and apps
H2 "docker: install Nextcloud calendar app"
docker exec -u www-data NC ./occ app:install calendar \
|| die "docker: installing calendar app failed"
H2 "docker: install Nextcloud contacts app"
docker exec -u www-data NC ./occ app:install contacts \
|| die "docker: installing contacts app failed"
H2 "docker: enable user_ldap"
docker exec -u www-data NC ./occ app:enable user_ldap \
|| die "docker: enabling user_ldap failed"
# integrate Nextcloud with MiaB-LDAP
H2 "docker: integrate Nextcloud with MiaB-LDAP"
docker cp setup/mods.available/remote-nextcloud-use-miab.sh NC:/tmp \
|| die "docker: cp remote-nextcloud-use-miab.sh failed"
docker exec NC /tmp/remote-nextcloud-use-miab.sh \
. \
"$NC_ADMIN_USER" \
"$NC_ADMIN_PASSWORD" \
"$PRIMARY_HOSTNAME" \
"$LDAP_NEXTCLOUD_PASSWORD" \
|| die "docker: error running remote-nextcloud-use-miab.sh"
}
#
# process command line
#
case "$1" in
before-miab-install )
before_miab_install
;;
after-miab-install )
after_miab_install
;;
miab-install )
miab_install
;;
"" )
before_miab_install
miab_install
after_miab_install
;;
* )
usage
;;
esac

33
tests/system-setup/setup-defaults.sh Executable file
View File

@@ -0,0 +1,33 @@
#!/bin/bash
# Used by MiaB-LDAP setup/start.sh
export NONINTERACTIVE=${NONINTERACTIVE:-1}
export SKIP_NETWORK_CHECKS=${SKIP_NETWORK_CHECKS:-1}
export STORAGE_USER="${STORAGE_USER:-user-data}"
export STORAGE_ROOT="${STORAGE_ROOT:-/home/$STORAGE_USER}"
export EMAIL_ADDR="${EMAIL_ADDR:-qa@abc.com}"
export EMAIL_PW="${EMAIL_PW:-Test_1234}"
export PUBLIC_IP="${PUBLIC_IP:-$(source setup/functions.sh; get_default_privateip 4)}"
if [ "$TRAVIS" == "true" ]; then
export PRIMARY_HOSTNAME=${PRIMARY_HOSTNAME:-box.abc.com}
elif [ -z "$PRIMARY_HOSTNAME" ]; then
export PRIMARY_HOSTNAME=${PRIMARY_HOSTNAME:-$(hostname --fqdn || hostname)}
fi
# Placing this var in STORAGE_ROOT/ldap/miab_ldap.conf before running
# setup/start.sh will avoid a random password from being used for the
# Nextcloud LDAP service account
export LDAP_NEXTCLOUD_PASSWORD=${LDAP_NEXTCLOUD_PASSWORD:-Test_LDAP_1234}
# Used by setup/mods.available/remote-nextcloud.sh. These define to
# MiaB-LDAP the remote Nextcloud that serves calendar and contacts
export NC_PROTO=${NC_PROTO:-http}
export NC_HOST=${NC_HOST:-127.0.0.1}
export NC_PORT=${NC_PORT:-8000}
export NC_PREFIX=${NC_PREFIX:-/}
# For setup scripts that are installing a remote Nextcloud
export NC_ADMIN_USER="${NC_ADMIN_USER:-admin}"
export NC_ADMIN_PASSWORD="${NC_ADMIN_PASSWORD:-Test_1234}"

240
tests/system-setup/setup-funcs.sh Executable file
View File

@@ -0,0 +1,240 @@
die() {
local msg="$1"
echo "$msg" 1>&2
exit 1
}
H1() {
local msg="$1"
echo "----------------------------------------------"
if [ ! -z "$msg" ]; then
echo " $msg"
echo "----------------------------------------------"
fi
}
H2() {
local msg="$1"
if [ -z "$msg" ]; then
echo "***"
else
echo "*** $msg ***"
fi
}
dump_log() {
local log_file="$1"
local lines="$2"
local title="DUMP OF $log_file"
echo ""
echo "--------"
echo -n "-------- $log_file"
if [ ! -z "$lines" ]; then
echo " (last $line lines)"
else
echo ""
fi
echo "--------"
if [ ! -z "$lines" ]; then
tail -$lines "$log_file"
else
cat "$log_file"
fi
}
is_true() {
# empty string is not true
if [ "$1" == "true" \
-o "$1" == "TRUE" \
-o "$1" == "True" \
-o "$1" == "yes" \
-o "$1" == "YES" \
-o "$1" == "Yes" \
-o "$1" == "1" ]
then
return 0
else
return 1
fi
}
is_false() {
if is_true $@; then return 1; fi
return 0
}
wait_for_apt() {
local count=0
while fuser /var/lib/dpkg/lock >/dev/null 2>&1 || fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1; do
sleep 6
let count+=1
if [ $count -eq 1 ]; then
echo -n "Waiting for other package manager to finish..."
elif [ $count -gt 100 ]; then
echo -n "FAILED"
return 1
else
echo -n "${count}.."
fi
done
[ $count -ge 1 ] && echo ""
}
dump_conf_files() {
local skip
if [ $# -eq 0 ]; then
skip="false"
else
skip="true"
for item; do
if is_true "$item"; then
skip="false"
break
fi
done
fi
if [ "$skip" == "false" ]; then
dump_log "/etc/mailinabox.conf"
dump_log "/etc/hosts"
dump_log "/etc/nsd/nsd.conf"
dump_log "/etc/postfix/main.cf"
fi
}
update_system_time() {
if [ ! -x /usr/sbin/ntpdate ]; then
wait_for_apt
apt-get install -y -qq ntpdate || return 1
fi
ntpdate -s ntp.ubuntu.com && echo "System time updated"
}
update_hosts() {
local host="$1"
shift
local ip
for ip; do
if [ ! -z "$ip" ]; then
local line="$ip $host"
if ! grep -F "$line" /etc/hosts 1>/dev/null; then
echo "$line" >>/etc/hosts
fi
fi
done
}
update_hosts_for_private_ip() {
# create /etc/hosts entry for PRIVATE_IP and PRIVATE_IPV6
# PRIMARY_HOSTNAME must already be set
local ip4=$(source setup/functions.sh; get_default_privateip 4)
local ip6=$(source setup/functions.sh; get_default_privateip 6)
[ -z "$ip4" -a -z "$ip6" ] && return 1
[ -z "$ip6" ] && ip6="::1"
update_hosts "$PRIMARY_HOSTNAME" "$ip4" "$ip6" || return 1
}
set_system_hostname() {
# set the system hostname to the FQDN specified or
# PRIMARY_HOSTNAME if no FQDN was given
local fqdn="${1:-$PRIMARY_HOSTNAME}"
local host="$(awk -F. '{print $1}' <<< "$fqdn")"
sed -i 's/^127\.0\.1\.1[ \t].*/127.0.1.1 '"$fqdn $host ip4-loopback/" /etc/hosts || return 1
#hostname "$host" || return 1
#echo "$host" > /etc/hostname
return 0
}
install_docker() {
if [ -x /usr/bin/docker ]; then
echo "Docker already installed"
return 0
fi
wait_for_apt
apt-get install -y -qq \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common \
|| return 1
wait_for_apt
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - \
|| return 2
wait_for_apt
apt-key fingerprint 0EBFCD88 || return 3
wait_for_apt
add-apt-repository -y --update "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" || return 4
wait_for_apt
apt-get install -y -qq \
docker-ce \
docker-ce-cli \
containerd.io \
|| return 5
}
install_qa_prerequisites() {
[ -z "$STORAGE_ROOT" ] \
&& echo "Error: STORAGE_ROOT not set" 1>&2 \
&& return 1
local rc=0
# python3-dnspython: is used by the python scripts in 'tests' and is
# not installed by setup
wait_for_apt
apt-get install -y -qq python3-dnspython
# copy in pre-built MiaB-LDAP ssl files
# 1. avoid the lengthy generation of DH params
mkdir -p $STORAGE_ROOT/ssl \
|| (echo "Unable to create $STORAGE_ROOT/ssl ($?)" && rc=1)
cp tests/assets/ssl/dh2048.pem $STORAGE_ROOT/ssl \
|| (echo "Copy dhparams failed ($?)" && rc=1)
# create miab_ldap.conf to specify what the Nextcloud LDAP service
# account password will be to avoid a random one created by start.sh
if [ ! -z "$LDAP_NEXTCLOUD_PASSWORD" ]; then
mkdir -p $STORAGE_ROOT/ldap \
|| (echo "Could not create $STORAGE_ROOT/ldap" && rc=1)
[ -e $STORAGE_ROOT/ldap/miab_ldap.conf ] && \
echo "Warning: exists: $STORAGE_ROOT/ldap/miab_ldap.conf" 1>&2
touch $STORAGE_ROOT/ldap/miab_ldap.conf || rc=1
if ! grep "^LDAP_NEXTCLOUD_PASSWORD=" $STORAGE_ROOT/ldap/miab_ldap.conf >/dev/null; then
echo "LDAP_NEXTCLOUD_PASSWORD=\"$LDAP_NEXTCLOUD_PASSWORD\"" >> $STORAGE_ROOT/ldap/miab_ldap.conf
fi
fi
return $rc
}
travis_fix_nsd() {
if [ "$TRAVIS" != "true" ]; then
return 0
fi
# nsd won't start on Travis-CI without the changes below: ip6 off and
# control-enable set to no. Even though the nsd docs say the
# default value for control-enable is no, running "nsd-checkconf -o
# control-enable /etc/nsd/nsd.conf" returns "yes", so we explicitly
# set it here.
#
# we're assuming that the "ip-address" line is the last line in the
# "server" section of nsd.conf. if this generated file output
# changes, the sed command below may need to be adjusted.
sed -i 's/ip-address\(.\)\(.*\)/ip-address\1\2\n do-ip4\1 yes\n do-ip6\1 no\n verbosity\1 3\nremote-control\1\n control-enable\1 no/' /etc/nsd/nsd.conf || return 1
cat /etc/nsd/nsd.conf
systemctl reset-failed nsd.service || return 2
systemctl restart nsd.service || return 3
}