diff options
author | Martina Pietruschka | 2015-11-12 09:00:54 +0000 |
---|---|---|
committer | Martina Pietruschka | 2015-11-12 09:00:54 +0000 |
commit | a381d4979b08d838f69245c0fa02338b425e5194 (patch) | |
tree | f759ac24cc6e913ac0888ba33a4742a9c635ef0e /install | |
parent | 2ee6856f0b88eca30ccfe7f18dc5f70b8ce89139 (diff) | |
download | aur-a381d4979b08d838f69245c0fa02338b425e5194.tar.gz |
replaces zarafa-server-arm
Diffstat (limited to 'install')
-rw-r--r-- | install | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/install b/install new file mode 100644 index 000000000000..15adbf39717c --- /dev/null +++ b/install @@ -0,0 +1,82 @@ +post_install() { + + # => create user + getent group zarafa &>/dev/null || groupadd -r zarafa + getent passwd zarafa &>/dev/null || useradd -r -c 'Zarafa Groupware Suite' -g zarafa -d /dev/null -s /bin/false zarafa + passwd -l zarafa &>/dev/null + + + if [ ! -d "/var/lib/mysql" ] + then + # => create database + mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql + systemctl start mysqld + + # => prepare database + mysql -u root -e "CREATE DATABASE IF NOT EXISTS zarafa; GRANT ALL PRIVILEGES ON zarafa.* TO zarafa@localhost IDENTIFIED BY 'zarafa'; SET GLOBAL max_allowed_packet=16777216;" + + else + # => show instructions + echo ">>> MySQL user zarafa, with unrestricted access to a "zarafa" database, must exist" + echo " > CREATE DATABASE IF NOT EXISTS zarafa;" + echo " > GRANT ALL PRIVILEGES ON zarafa.* TO zarafa@localhost IDENTIFIED BY 'zarafa';" + echo ">>> Run /usr/bin/mysql_secure_installation" + echo + echo ">>> Ensure the GLOBAL MySQL variable, max_allowed_packet, is >= 16MB, or is SESSION writable" + echo " > SET GLOBAL max_allowed_packet=16777216;" + echo + echo ">>> Log files located at /var/log/zarafa" + + fi + + # => set permission (PWD) + chown zarafa:zarafa -R /var/log/zarafa + chown zarafa:zarafa -R /var/lib/zarafa + + # => copy example configs to their active locations + for cfg in ${pkgdir}/usr/share/doc/zarafa/example-config/*.cfg; do + cp -n ${cfg} /etc/zarafa + done + + # => create ssl key and certificate (SSL) + if [ ! -f "/etc/ssl/private/zarafa.key" ] + then + # https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html + # https://cipherli.st/ + # http://www.shellhacks.com/en/HowTo-Create-CSR-using-OpenSSL-Without-Prompt-Non-Interactive + echo ">>> Creating default key and certificate to /etc/ssl/private/zarafa.*" + openssl genrsa -out /etc/ssl/private/zarafa.key 4096 + openssl req -new -sha512 -key /etc/ssl/private/zarafa.key -out /tmp/zarafa.csr -subj "/CN=localhost" + openssl x509 -req -days 3650 -in /tmp/zarafa.csr -signkey /etc/ssl/private/zarafa.key -out /etc/ssl/private/zarafa.crt + + # trust own certificate for later connections + find -L /etc/ssl/certs -samefile /etc/ssl/private/zarafa.crt -exec rm {} \; + ln -s /etc/ssl/private/zarafa.crt /etc/ssl/certs/zarafa.crt + ln -s /etc/ssl/private/zarafa.crt /etc/ssl/certs/$(openssl x509 -noout -hash -in /etc/ssl/certs/zarafa.crt).0 + update-ca-trust + fi + + # => create diffie hellman (PFS) + if [ ! -f "/etc/ssl/private/zarafa.dh" ] + then + echo ">>> Creating default dh file to /etc/ssl/private/zarafa.*" + openssl dhparam -out /etc/ssl/private/zarafa.dh 512 + fi + + # => set permission (SSL) + echo ">>> Setting permissions to /etc/ssl/private/zarafa.*" + chmod go-rwx /etc/ssl/private/zarafa.* + chmod u+rw /etc/ssl/private/zarafa.* + chown root:root /etc/ssl/private/zarafa.* + +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + userdel zarafa &> /dev/null + groupdel zarafa &> /dev/null + return 0 +} |