--marcflavor flavor Set the MARC flavor. Valid values are marc21 (default),
normarc and unimarc.
--zebralang lang Choose the primary language for Zebra indexing. Valid
- values are en (default), es, fr, gr, nb, ru and uk.
+ values are cs, en (default), es, fr, gr, nb, ru and uk.
--auth-idx idx_mode Set the indexing mode for authority records. Valid
values are dom (default) and grs1.
--biblio-idx idx_mode Set the indexing mode for bibliographic records.
Valid values are dom (default) and grs1.
- --use-memcached Set the instance to make use of memcache.
--memcached-servers str Set a comma-separated list of host:port memcached servers.
--memcached-prefix str Set the desired prefix for the instance memcached namespace.
--enable-sru Enable the Z39.50/SRU server (default: disabled).
--defaultsql some.sql Specify a default SQL file to be loaded on the DB.
--configfile cfg_file Specify an alternate config file for reading default values.
--passwdfile passwd Specify an alternate passwd file.
+ --dbhost host Enforce the use of the specified DB server
--database dbname Enforce the use of the specified DB name (64 char limit)
--adminuser n Explicit the admin user ID in the DB. Relevant in
conjunction with --defaultsql and --populate-db.
+ --template-cache-dir Set a user defined template_cache_dir. It defaults to
+ /var/cache/koha/<instance>/templates
+ --timezone time/zone Specify a timezone. e.g. America/Argentina
+ --upload-path dir Set a user defined upload_path. It defaults to
+ /var/lib/koha/<instance>/uploads
+ --letsencrypt Set up a https-only site with letsencrypt certificates
--help,-h Show this help.
Note: the instance name cannot be longer that 11 chars.
touch "$2"
chown "root:$username" "$2"
chmod 0640 "$2"
- sed -e "s/__KOHASITE__/$name/g" \
+ sed -e "s/__KOHA_CONF_DIR__/\/etc\/koha\/sites\/$name/g" \
+ -e "s/__KOHASITE__/$name/g" \
-e "s/__OPACPORT__/$OPACPORT/g" \
-e "s/__INTRAPORT__/$INTRAPORT/g" \
-e "s/__OPACSERVER__/$opacdomain/g" \
-e "s/__END_BIBLIOS_RETRIEVAL_INFO__/`echo $END_BIBLIOS_RETRIEVAL_INFO`/g" \
-e "s/__START_AUTHORITIES_RETRIEVAL_INFO__/`echo $START_AUTHORITIES_RETRIEVAL_INFO`/g" \
-e "s/__END_AUTHORITIES_RETRIEVAL_INFO__/`echo $END_AUTHORITIES_RETRIEVAL_INFO`/g" \
+ -e "s/__API_SECRET__/$API_SECRET/g" \
-e "s/__DB_NAME__/$mysqldb/g" \
-e "s/__DB_HOST__/$mysqlhost/g" \
-e "s/__DB_USER__/$mysqluser/g" \
-e "s/__DB_PASS__/$mysqlpwd/g" \
-e "s/__UNIXUSER__/$username/g" \
-e "s/__UNIXGROUP__/$username/g" \
+ -e "s#__TEMPLATE_CACHE_DIR__#$TEMPLATE_CACHE_DIR#g" \
+ -e "s#__TIMEZONE__#$TIMEZONE#g" \
+ -e "s#__UPLOAD_PATH__#$UPLOAD_PATH#g" \
+ -e "s/__LOG_DIR__/\/var\/log\/koha\/$name/g" \
-e "s/__PLUGINS_DIR__/\/var\/lib\/koha\/$name\/plugins/g" \
-e "s/__MEMCACHED_NAMESPACE__/$MEMCACHED_NAMESPACE/g" \
-e "s/__MEMCACHED_SERVERS__/$MEMCACHED_SERVERS/g" \
}
getmysqlhost() {
+ if [ ! -f /etc/mysql/debian.cnf ]
+ then
+ echo localhost
+ return
+ fi
awk '
- /^\[/ { inclient = 0 }
- /^\[client\]/ { inclient = 1 }
- inclient && /^ *host *=/ { print $3 }' \
+ BEGIN { FS="=" }
+ $1 ~/\[/ { inclient=0 }
+ $1 ~/\[client\]/ { inclient=1; next }
+ inclient==1 && $1 ~/host/ { gsub(/ /, "", $2); print $2 }' \
/etc/mysql/koha-common.cnf
}
die
fi
+ # Check that mod_ssl is installed and enabled.
+ if [ "$CLO_LETSENCRYPT" = "yes" ]; then
+ if ! /usr/sbin/apachectl -M 2> /dev/null | grep -q 'ssl_module'; then
+ cat 1>&2 <<EOM
+
+Koha requires mod_ssl to be enabled within Apache in order to run with --letsencrypt.
+Typically this can be enabled with:
+
+ sudo a2enmod ssl
+EOM
+ die
+ fi
+ fi
+
}
set_biblios_indexing_mode()
}
+set_upload_path()
+{
+ local instance="$1"
+
+ if [ "$CLO_UPLOAD_PATH" != "" ]; then
+ UPLOAD_PATH=$CLO_UPLOAD_PATH
+ else
+ UPLOAD_PATH="$UPLOAD_PATH_BASE/$instance/$UPLOAD_DIR"
+ fi
+}
+
enable_sru_server()
{
# remove the commenting symbols
fi
}
+check_letsencrypt()
+{
+ if [ $(dpkg-query -W -f='${Status}' letsencrypt 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
+ set +e
+ apt-cache show letsencrypt &>/dev/null
+ local aptcacheshow=$?
+ set -e
+ if [ $aptcacheshow -eq 0 ]; then
+ read -r -p "The letsencrypt package is not installed. Do it now? [y/N] " response
+ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then
+ local debrelease="$(lsb_release -c -s)"
+ if [ $debrelease = "jessie" ]; then
+ apt-get install -y -t jessie-backports letsencrypt
+ else
+ apt-get install -y letsencrypt
+ fi
+ else
+ die "You have to install letsencrypt to use the --letsencrypt parameter."
+ fi
+ else
+ echo "No installation candidate available for package letsencrypt."
+ if [[ -f /usr/bin/letsencrypt ]]; then
+ read -r -p "If you have a symlink from /usr/bin/letsencrypt to letsencrypt-auto, it should work. [y/N] " response
+ if [[ ! $response =~ ^([yY][eE][sS]|[yY])$ ]]; then
+ die "You have to install letsencrypt to use the --letsencrypt parameter."
+ fi
+ else
+ die "You can create a symlink from /usr/bin/letsencrypt to letsencrypt-auto."
+ fi
+ fi
+ fi
+}
+
+letsencrypt_instance()
+{
+ # Get letsencrypt certificates
+ letsencrypt --agree-tos --renew-by-default --webroot certonly \
+ -w /usr/share/koha/opac/htdocs/ -d $opacdomain -w /usr/share/koha/intranet/htdocs/ -d $intradomain
+ # enable all ssl settings (apache won't start with these before certs are present)
+ sed -i "s:^\s*#\(\s*SSL.*\)$:\1:" "/etc/apache2/sites-available/$name.conf"
+ # change port from 80 to 443. (apache won't start if it is 443 without certs present)
+ sed -i "s:^\s*\(<VirtualHost \*\:\)80> #https$:\1443>:" "/etc/apache2/sites-available/$name.conf"
+ # enable redirect from http to https on port 80
+ sed -i "s:^\s*#\(.*\)#nohttps$:\1:" "/etc/apache2/sites-available/$name.conf"
+ # make koha-list --letsencrypt aware of this instance # could be done by checking apache conf instead
+ echo -e "opacdomain=\"$opacdomain\"\nintradomain=\"$intradomain\"" > /var/lib/koha/$name/letsencrypt.enabled
+ # restart apache with working certs
+ service apache2 restart
+}
+
# Set defaults and read config file, if it exists.
DOMAIN=""
OPACPORT="80"
PASSWDFILE="/etc/koha/passwd"
# memcached variables
-USE_MEMCACHED="no"
+USE_MEMCACHED="yes"
MEMCACHED_SERVERS=""
MEMCACHED_PREFIX=""
# hardcoded memcached defaults
DEFAULT_MEMCACHED_SERVERS="127.0.0.1:11211"
DEFAULT_MEMCACHED_PREFIX="koha_"
-
+# hardcoded upload_path
+UPLOAD_PATH_BASE="/var/lib/koha"
+UPLOAD_DIR="uploads"
+UPLOAD_PATH=""
+# timezone defaults to empty
+TIMEZONE=""
+# cache base dir
+CACHE_DIR_BASE="/var/cache/koha"
+# Generate a randomizaed API secret
+API_SECRET="$(pwgen -s 64 1)"
# SRU server variables
ENABLE_SRU="no"
SRU_SERVER_PORT=""
START_AUTHORITIES_RETRIEVAL_INFO=""
END_AUTHORITIES_RETRIEVAL_INFO=""
+APACHE_CONFIGFILE=""
+
if [ -e /etc/koha/koha-sites.conf ]
then
. /etc/koha/koha-sites.conf
[ $# -ge 1 ] && [ $# -le 16 ] || ( usage ; die "Error: wrong parameters" )
-TEMP=`getopt -o chrpm:l:d:f:b:a: -l create-db,request-db,populate-db,use-db,use-memcached,enable-sru,sru-port:,help,marcflavor:,auth-idx:,biblio-idx:,zebralang:,defaultsql:,configfile:,passwdfile:,database:,adminuser:,memcached-servers:,memcached-prefix:, \
+TEMP=`getopt -o chrpm:l:d:f:b:a: -l create-db,request-db,populate-db,use-db,enable-sru,sru-port:,help,marcflavor:,auth-idx:,biblio-idx:,zebralang:,defaultsql:,configfile:,passwdfile:,dbhost:,database:,adminuser:,memcached-servers:,memcached-prefix:,template-cache-dir:,timezone:,upload-path:,letsencrypt, \
-n "$0" -- "$@"`
# Note the quotes around `$TEMP': they are essential!
CLO_AUTHORITIES_INDEXING_MODE=""
CLO_MEMCACHED_SERVERS=""
CLO_MEMCACHED_PREFIX=""
-
+CLO_UPLOAD_PATH=""
+CLO_LETSENCRYPT=""
+CLO_TEMPLATE_CACHE_DIR=""
+CLO_TIMEZONE=""
while true ; do
case "$1" in
op=populate ; shift ;;
-u|--use-db)
op=use ; shift ;;
- --use-memcached)
- USE_MEMCACHED="yes" ; shift ;;
--memcached-servers)
CLO_MEMCACHED_SERVERS="$2" ; shift 2 ;;
--memcached-prefix)
CLO_PASSWDFILE="$2" ; shift 2 ;;
-b|--database)
CLO_DATABASE="$2" ; shift 2 ;;
+ --dbhost)
+ CLO_DBHOST="$2" ; shift 2 ;;
-a|--adminuser)
CLO_ADMINUSER="$2" ; shift 2 ;;
--enable-sru)
ENABLE_SRU="yes" ; shift ;;
--sru-port)
SRU_SERVER_PORT="$2" ; shift 2 ;;
+ --template-cache-dir)
+ CLO_TEMPLATE_CACHE_DIR="$2" ; shift 2 ;;
+ --timezone)
+ CLO_TIMEZONE="$2" ; shift 2 ;;
+ --upload-path)
+ CLO_UPLOAD_PATH="$2" ; shift 2 ;;
+ --letsencrypt)
+ CLO_LETSENCRYPT="yes" ; shift ;;
-h|--help)
usage ; exit 0 ;;
--)
PASSWDFILE="$CLO_PASSWDFILE"
fi
+if [ "$CLO_TIMEZONE" != "" ]; then
+ TIMEZONE=$CLO_TIMEZONE
+fi
+
if [ "$CLO_BIBLIOS_INDEXING_MODE" != "" ]; then
BIBLIOS_INDEXING_MODE=$CLO_BIBLIOS_INDEXING_MODE
fi
set_authorities_indexing_mode $AUTHORITIES_INDEXING_MODE $ZEBRA_MARC_FORMAT
-name="$1"
+[ $# -ge 1 ] || ( usage ; die "Missing instance name..." )
-if [ "$USE_MEMCACHED" = "yes" ]; then
- set_memcached $name
-elif [ "$CLO_MEMCACHED_SERVERS" != "" ] || \
- [ "$CLO_MEMCACHED_PREFIX" != "" ]; then
+name="$1"
- MSG=`cat <<EOF
+set_upload_path $name
-Error: you provided memcached configuration switches but memcached is not enabled.
-Please set USE_MEMCACHED="yes" on /etc/koha/koha-sites.conf or use the
---use-memcached option switch to enable it.
+if [ "$op" = use ] && [ "$CLO_DATABASE" = "" ] &&
+ ( [ ! -f "$PASSWDFILE" ] || [ ! `cat $PASSWDFILE | grep "^$name:"` ] )
+then
+ cat <<NO_DB
+--use-db must have a database name. It can be specified in a readable
+password file ($PASSWDFILE). Using --passwdfile overrides the default
+/usr/koha/passwd file. Each line of a passwd file should be in the format of:
+ instance:username:password:dbname:dbhost
+A database name can also be specified using '--database dbname'.
+NO_DB
+ die;
+fi
-EOF`
+set_memcached $name
- usage ; die $MSG
+# Set template cache dir
+if [ "$CLO_TEMPLATE_CACHE_DIR" != "" ]; then
+ TEMPLATE_CACHE_DIR="$CLO_TEMPLATE_CACHE_DIR"
else
- # Unset memcached-related variables
- MEMCACHED_SERVERS=""
- MEMCACHED_PREFIX=""
+ TEMPLATE_CACHE_DIR="$CACHE_DIR_BASE/$name/templates"
fi
# Are we root? If not, the mod_rewrite check will fail and be confusing, so
opacdomain="$OPACPREFIX$name$OPACSUFFIX$DOMAIN"
intradomain="$INTRAPREFIX$name$INTRASUFFIX$DOMAIN"
+# Check everything is ok with letsencrypt, die otherwise
+if [ "$CLO_LETSENCRYPT" = "yes" ]; then
+ check_letsencrypt
+fi
if [ -f $PASSWDFILE ] && [ `cat $PASSWDFILE | grep "^$name:"` ]
then
mysqluser=`echo $passwdline | cut -d ":" -f 2`
mysqlpwd=`echo $passwdline | cut -d ":" -f 3`
mysqldb=`echo $passwdline | cut -d ":" -f 4`
+ mysqlhost=`echo $passwdline | cut -d ":" -f 5`
fi
# The order of precedence for MySQL database name is:
then
mysqldb="koha_$name"
fi
+
if [ "$CLO_DATABASE" != "" ]
then
mysqldb="$CLO_DATABASE"
then
mysqluser="koha_$name"
fi
-mysqlhost="$(getmysqlhost)"
+
+if [ "$CLO_DBHOST" != "" ]
+then
+ mysqlhost="$CLO_DBHOST"
+fi
+
+if [ "$mysqlhost" = "" ]
+then
+ mysqlhost="$(getmysqlhost)"
+fi
if [ "$op" = create ] || [ "$op" = request ] || [ "$op" = use ]
then
# Set up MySQL database for this instance.
if [ "$op" = create ]
then
- mysql --defaults-extra-file=/etc/mysql/koha-common.cnf <<eof
+ if [ ! -e /etc/mysql/debian.cnf ]; then
+ MYSQL_OPTIONS="-u root"
+ echo "WARNING: The koha-common.cnf file is a dead soft link!"
+ else
+ MYSQL_OPTIONS="--defaults-extra-file=/etc/mysql/koha-common.cnf"
+ fi
+ mysql $MYSQL_OPTIONS <<eof
CREATE DATABASE \`$mysqldb\`;
CREATE USER \`$mysqluser\`@'$mysql_hostname' IDENTIFIED BY '$mysqlpwd';
CREATE USER \`$mysqluser\`@'%' IDENTIFIED BY '$mysqlpwd';
GRANT ALL PRIVILEGES ON \`$mysqldb\`.* TO \`$mysqluser\`;
+GRANT ALL PRIVILEGES ON \`$mysqldb\`.* TO \`$mysqluser\`@'$mysql_hostname';
FLUSH PRIVILEGES;
eof
fi #`
- if [ "$op" = use ]
- then
- mysql --defaults-extra-file=/etc/mysql/koha-common.cnf --force <<eof
-CREATE USER \`$mysqluser\`@'$mysql_hostname' IDENTIFIED BY '$mysqlpwd';
-CREATE USER \`$mysqluser\`@'%' IDENTIFIED BY '$mysqlpwd';
-GRANT ALL PRIVILEGES ON \`$mysqldb\`.* TO \`$mysqluser\`;
-FLUSH PRIVILEGES;
-eof
- fi #`
-
+ if [ "$CLO_LETSENCRYPT" = "yes" ]; then
+ APACHE_CONFIGFILE="apache-site-https.conf.in"
+ else
+ APACHE_CONFIGFILE="apache-site.conf.in"
+ fi
# Generate and install Apache site-available file and log dir.
- generate_config_file apache-site.conf.in \
+ generate_config_file $APACHE_CONFIGFILE \
"/etc/apache2/sites-available/$name.conf"
mkdir "/var/log/koha/$name"
chown "$username:$username" "/var/log/koha/$name"
generate_config_file koha-conf-site.xml.in \
"/etc/koha/sites/$name/koha-conf.xml"
+ # Generate and install the log4perl config file.
+ generate_config_file log4perl-site.conf.in \
+ "/etc/koha/sites/$name/log4perl.conf"
+
# Generate and install Zebra config files.
generate_config_file zebra-biblios-site.cfg.in \
"/etc/koha/sites/$name/zebra-biblios.cfg"
generate_config_file zebra.passwd.in \
"/etc/koha/sites/$name/zebra.passwd"
-
# Create a GPG-encrypted file for requesting a DB to be set up.
if [ "$op" = request ]
then
then
# Populate the database with default content.
zcat "$DEFAULTSQL" |
- sed "s/__KOHASITE__/$name/g" |
+ sed "s/__KOHASITE__/koha_$name/g" |
mysql --host="$mysqlhost" --user="$mysqluser" --password="$mysqlpwd" "$mysqldb"
service apache2 restart
# Start Zebra.
- koha-start-zebra "$name"
+ koha-zebra --start "$name"
if [ "$USE_INDEXER_DAEMON" = "yes" ]; then
# Start Indexer daemon
koha-indexer --start "$name"
fi
+
+ if [ "$CLO_LETSENCRYPT" = "yes" ]; then
+ # Get letsencrypt certificates
+ letsencrypt_instance
+ fi
fi
projects / koha.git / blobdiff