aegir.install


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83

post_install() {
  post_upgrade

  echo -n ">>> Testing that localhost resolves to an IP address assigned to a network interface... "
  [ $(ip addr | sed --quiet --regexp-extended 's/\s+inet6?\s([^\/]*).*/\1/p' | egrep '^(127.0.0.1|::1)$' | wc -l) -eq 0 ] && echo "Failed." || echo "Passed."

  echo -n ">>> Testing for successful outgoing mail by PHP... "
  [ -z "$(php -r 'print_r(mail("example@example.com", "Test email from PHP", "Test email body."));')" ] && echo "Failed." || echo "Passed."

  echo -n ">>> Disabling default pool named 'www' by commenting out all non-empty lines without a semi-colon prefix..."
  sed --in-place 's/^\([^$;]\)/;\1/' /etc/php/php-fpm.d/www.conf

  echo ">>> Initialise Aegir with the following steps:"
  echo "    1. Initialise the MariaDB data directory, e.g. with the mysql install db command, and start the MariaDB service:"
  echo "       # mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql && systemctl start mysqld.service"
  echo "    2. Run mysql_secure_installation to:"
  echo "       - set a root password;"
  echo "       - remove anonymous users;"
  echo "       - disallow remote root logins; and"
  echo "       - remove the test database."
  echo "    3. Create a database user for Aegir with the 'GRANT OPTION' privilege:"
  echo "       $ mysql --execute=\"GRANT ALL PRIVILEGES ON *.* TO 'aegir'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;\""
  echo "    4. Install Aegir's frontend with the drush command, hostmaster-install, e.g.:"
  echo "       # sudo -Hu aegir drush hostmaster-install --web_group=http --http_service_type=nginx \\"
  echo "                                                 --root=/usr/share/webapps/hostmaster \\"
  echo "                                                 --aegir_db_user=aegir --aegir_db_pass=password \\"
  echo "                                                 --client_email=aegir@$(hostname) \\"
  echo "                                                 --aegir_host=$(hostname) aegir.$(hostname)"
  echo "    5. Reconfigure Aegir's nginx configuration to use UNIX sockets instead of a network loopback port:"
  echo "       # sed -i 's#127.0.0.1:9000#unix:/run/php-fpm/php-fpm.sock#' /var/lib/aegir/config/includes/nginx_vhost_common.conf"
  echo "    6. Start and start on boot the Aegir stack target:"
  echo "       # systemctl enable --now aegir.target"
  echo "    7. Enable the hosting_queued module/hosting feature, unmask the queue daemon service unit, and restart the Aegir stack:"
  echo "       # drush @hostmaster pm-enable hosting_queued"
  echo "       # drush @hostmaster vset --exact --format=integer hosting_feature_queued 1"
  echo "       # systemctl restart aegir.target"
}

pre_upgrade() {
  [ $(systemctl --system is-active aegir.target) = active ] && {
    touch /tmp/aegir.target-active
    systemctl --system stop --now aegir.target
  }
  true
}

post_upgrade() {
  echo -n ">>> Creating the aegir user as an alias of the http user... "
  [ $(getent passwd aegir &>/dev/null; echo $?) -eq 0 ] && {
    echo "User already exists; no action taken."
  } || {
    useradd --gid $(id --group http) --home-dir /var/lib/aegir --non-unique --uid $(id --user http) aegir
    # Replace /etc/passwd with itself having the Aegir user rearranged above the HTTP user.
    tempfile=$(mktemp)
    cat <(sed -n '1,/^http/p' /etc/passwd | head -n-1) <(getent passwd aegir) <(sed -n '/^http/,$p' /etc/passwd | head -n-1) >| $tempfile
    install -m644 $tempfile /etc/passwd
    echo "Done."
  }

  echo '>>> Setting up shared system-wide drush configuration'
  echo '    by symlinking ~/.drush to /etc/drush for all users.'
  for user in $(cut --fields=1,6 --delimiter=: /etc/passwd | grep :/home); do
    user=($(echo $user | tr ':' ' '))
    path="${user[1]}/.drush"
    user="${user[0]}"
    [ -h "$path" -a "$(realpath "$path")" = /etc/drush ] ||
      sudo -Hu $user ln --backup --force --symbolic /etc/drush "$path"
  done


  [ -f /tmp/aegir.target-active ] && {
    rm /tmp/aegir.target-active
    systemctl --system stop --now aegir.target
  }
  true
}

pre_remove() {
  [ $(systemctl --system is-enabled aegir.target) = enabled ] && systemctl --system disable --now aegir.target
  [ $(systemctl --system is-active aegir.target) = enabled ] && systemctl --system stop --now aegir.target
  [ $(getent passwd aegir &>/dev/null; echo $?) -eq 0 ] && userdel aegir
  echo ">>> There are still files related to Aegir at: /var/lib/aegir."
}