2013-08-22 14:26:38 +00:00
|
|
|
#!/bin/bash
|
2019-07-14 16:39:35 +00:00
|
|
|
#
|
|
|
|
# pan.do/ra installer
|
|
|
|
# ===================
|
|
|
|
#
|
|
|
|
|
2015-05-02 10:09:53 +00:00
|
|
|
PANDORA=${PANDORA-pandora}
|
2017-03-16 15:26:39 +00:00
|
|
|
|
|
|
|
POSTGRES=${POSTGRES-local}
|
|
|
|
RABBITMQ=${RABBITMQ-local}
|
|
|
|
NGINX=${NGINX-local}
|
2019-04-30 10:42:28 +00:00
|
|
|
BRANCH=${BRANCH-stable}
|
2017-03-16 15:26:39 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# add a pandora user
|
2020-05-30 11:01:44 +00:00
|
|
|
echo Installing pandora with user: $PANDORA branch: $BRANCH
|
2015-05-04 08:55:13 +00:00
|
|
|
getent passwd $PANDORA > /dev/null 2>&1 || adduser --disabled-password --gecos "" $PANDORA
|
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
#
|
|
|
|
# install pan.do/ra ppa
|
|
|
|
#
|
|
|
|
# apt-get install software-properties-common
|
|
|
|
# add-apt-repository ppa:j/pandora
|
|
|
|
#
|
2013-08-22 14:26:38 +00:00
|
|
|
LXC=`grep -q lxc /proc/1/environ && echo 'yes' || echo 'no'`
|
2014-10-10 14:16:54 +00:00
|
|
|
if [ -e /etc/os-release ]; then
|
|
|
|
. /etc/os-release
|
|
|
|
fi
|
2013-08-22 14:26:38 +00:00
|
|
|
export DEBIAN_FRONTEND=noninteractive
|
2017-10-24 18:43:30 +00:00
|
|
|
|
2024-09-11 22:01:57 +00:00
|
|
|
apt-get install -y gnupg curl
|
2017-10-24 18:43:30 +00:00
|
|
|
|
2024-09-11 22:01:57 +00:00
|
|
|
distribution=bookworm
|
|
|
|
for version in bookworm trixie bionic focal jammy noble; do
|
|
|
|
if [ "$VERSION_CODENAME" = $version ]; then
|
|
|
|
distribution=$VERSION_CODENAME
|
|
|
|
fi
|
|
|
|
done
|
2022-03-26 11:51:30 +00:00
|
|
|
|
2024-09-11 22:01:57 +00:00
|
|
|
curl -Ls https://code.0x2620.org/api/packages/0x2620/debian/repository.key -o /etc/apt/keyrings/pandora.asc
|
|
|
|
echo "deb [signed-by=/etc/apt/keyrings/pandora.asc] https://code.0x2620.org/api/packages/0x2620/debian $distribution main" > /etc/apt/sources.list.d/pandora.list
|
2014-11-18 13:43:51 +00:00
|
|
|
|
2016-03-26 21:55:53 +00:00
|
|
|
echo 'Acquire::Languages "none";' > /etc/apt/apt.conf.d/99languages
|
2014-11-18 13:43:51 +00:00
|
|
|
|
2015-05-01 10:45:03 +00:00
|
|
|
apt-get update -qq
|
2013-08-22 14:26:38 +00:00
|
|
|
|
|
|
|
if [ "$LXC" == "no" ]; then
|
2019-07-14 16:39:35 +00:00
|
|
|
apt-get install -y acpid
|
|
|
|
systemctl enable systemd-timesyncd.service
|
2013-08-22 14:26:38 +00:00
|
|
|
fi
|
2019-07-14 16:39:35 +00:00
|
|
|
|
|
|
|
# add postgres, rabbitmq and nginx
|
|
|
|
# unless they are running on another host
|
2017-03-16 15:26:39 +00:00
|
|
|
EXTRA=""
|
|
|
|
if [ "$POSTGRES" == "local" ]; then
|
|
|
|
EXTRA="$EXTRA postgresql postgresql-contrib"
|
|
|
|
fi
|
|
|
|
if [ "$RABBITMQ" == "local" ]; then
|
|
|
|
EXTRA="$EXTRA rabbitmq-server"
|
|
|
|
fi
|
|
|
|
if [ "$NGINX" == "local" ]; then
|
|
|
|
EXTRA="$EXTRA nginx"
|
|
|
|
fi
|
2013-08-22 14:26:38 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# install all required packages
|
2013-08-22 14:26:38 +00:00
|
|
|
apt-get install -y \
|
2015-05-15 11:42:32 +00:00
|
|
|
sudo \
|
2013-08-22 14:26:38 +00:00
|
|
|
openssh-server \
|
2017-11-07 17:54:44 +00:00
|
|
|
iproute2 \
|
2013-08-22 14:26:38 +00:00
|
|
|
vim \
|
|
|
|
wget \
|
|
|
|
pwgen \
|
|
|
|
git \
|
2017-02-16 12:49:22 +00:00
|
|
|
python3-setuptools \
|
|
|
|
python3-pip \
|
2017-11-02 21:08:17 +00:00
|
|
|
python3-venv \
|
2017-02-16 12:49:22 +00:00
|
|
|
python3-dev \
|
|
|
|
python3-pil \
|
|
|
|
python3-numpy \
|
|
|
|
python3-psycopg2 \
|
|
|
|
python3-pyinotify \
|
2023-06-07 20:26:52 +00:00
|
|
|
python3-maxminddb \
|
|
|
|
libmaxminddb-dev \
|
2017-02-16 12:49:22 +00:00
|
|
|
python3-lxml \
|
2020-09-27 11:03:45 +00:00
|
|
|
python3-cssselect \
|
2017-02-16 12:49:22 +00:00
|
|
|
python3-html5lib \
|
|
|
|
python3-ox \
|
2019-11-17 12:02:12 +00:00
|
|
|
python3-elasticsearch \
|
2015-01-05 16:07:55 +00:00
|
|
|
ffmpeg \
|
2014-02-13 18:48:47 +00:00
|
|
|
mkvtoolnix \
|
2013-08-22 14:26:38 +00:00
|
|
|
imagemagick \
|
2014-01-04 12:29:11 +00:00
|
|
|
poppler-utils \
|
2017-02-16 12:49:22 +00:00
|
|
|
ipython3 \
|
2019-11-17 12:02:12 +00:00
|
|
|
tesseract-ocr \
|
|
|
|
tesseract-ocr-eng \
|
2013-08-29 09:46:32 +00:00
|
|
|
postfix \
|
2017-03-16 15:26:39 +00:00
|
|
|
postgresql-client $EXTRA
|
2012-10-09 10:44:36 +00:00
|
|
|
|
2023-06-07 20:26:52 +00:00
|
|
|
apt-get install -y oxframe
|
2019-07-14 17:47:20 +00:00
|
|
|
apt-get install -y --no-install-recommends youtube-dl rtmpdump
|
|
|
|
|
2023-06-07 20:26:52 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# setup database
|
|
|
|
|
2017-03-16 15:26:39 +00:00
|
|
|
if [ "$POSTGRES" == "local" ]; then
|
|
|
|
sudo -u postgres createuser -S -D -R $PANDORA
|
|
|
|
sudo -u postgres createdb -T template0 --locale=C --encoding=UTF8 -O $PANDORA pandora
|
|
|
|
echo "CREATE EXTENSION pg_trgm;" | sudo -u postgres psql pandora
|
|
|
|
fi
|
2010-12-02 03:32:06 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# setup rabbitmq
|
2017-03-16 15:26:39 +00:00
|
|
|
if [ "$RABBITMQ" == "local" ]; then
|
|
|
|
RABBITPWD=$(pwgen -n 16 -1)
|
|
|
|
rabbitmqctl add_user pandora $RABBITPWD
|
2020-09-19 12:49:44 +00:00
|
|
|
rabbitmqctl change_password pandora $RABBITPWD
|
2017-03-16 15:26:39 +00:00
|
|
|
rabbitmqctl add_vhost /pandora
|
|
|
|
rabbitmqctl set_permissions -p /pandora pandora ".*" ".*" ".*"
|
2019-07-16 19:58:10 +00:00
|
|
|
CELERY_BROKER_URL="amqp://pandora:$RABBITPWD@localhost:5672//pandora"
|
2017-03-16 15:26:39 +00:00
|
|
|
else
|
2019-07-16 19:58:10 +00:00
|
|
|
CELERY_BROKER_URL="$RABBITMQ"
|
2017-03-16 15:26:39 +00:00
|
|
|
fi
|
2010-12-02 03:32:06 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# checkout pandora from git
|
2024-06-01 09:37:27 +00:00
|
|
|
git clone https://code.0x2620.org/0x2620/pandora.git /srv/pandora
|
2014-11-20 19:11:02 +00:00
|
|
|
cd /srv/pandora
|
2019-04-30 10:42:28 +00:00
|
|
|
git checkout $BRANCH
|
2019-12-20 14:59:42 +00:00
|
|
|
chown -R $PANDORA:$PANDORA /srv/pandora
|
2016-02-20 07:49:06 +00:00
|
|
|
./ctl init
|
2013-07-03 14:25:57 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# create config.jsonc from templates in git
|
2012-03-23 20:57:43 +00:00
|
|
|
HOST=$(hostname -s)
|
2012-04-20 10:22:32 +00:00
|
|
|
HOST_CONFIG="/srv/pandora/pandora/config.$HOST.jsonc"
|
|
|
|
SITE_CONFIG="/srv/pandora/pandora/config.jsonc"
|
|
|
|
test -e $HOST_CONFIG && cp $HOST_CONFIG $SITE_CONFIG
|
|
|
|
test -e $SITE_CONFIG || cp /srv/pandora/pandora/config.pandora.jsonc $SITE_CONFIG
|
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# create local_settings.py
|
2015-03-14 19:34:54 +00:00
|
|
|
cat > /srv/pandora/pandora/local_settings.py <<EOF
|
2011-11-08 17:05:26 +00:00
|
|
|
DATABASES = {
|
|
|
|
'default': {
|
|
|
|
'NAME': 'pandora',
|
|
|
|
'ENGINE': 'django.db.backends.postgresql_psycopg2',
|
2015-05-02 10:09:53 +00:00
|
|
|
'USER': '$PANDORA',
|
2011-11-08 17:05:26 +00:00
|
|
|
'PASSWORD': '',
|
|
|
|
}
|
|
|
|
}
|
2019-07-16 19:58:10 +00:00
|
|
|
CELERY_BROKER_URL = '$CELERY_BROKER_URL'
|
2010-12-02 03:32:06 +00:00
|
|
|
XACCELREDIRECT = True
|
2012-04-20 10:22:32 +00:00
|
|
|
|
|
|
|
DEBUG = False
|
|
|
|
TEMPLATE_DEBUG = DEBUG
|
|
|
|
JSON_DEBUG = False
|
2015-01-19 15:34:21 +00:00
|
|
|
DB_GIN_TRGM = True
|
2010-12-02 03:32:06 +00:00
|
|
|
EOF
|
|
|
|
|
2015-05-02 10:09:53 +00:00
|
|
|
MANAGE="sudo -H -u $PANDORA /srv/pandora/pandora/manage.py"
|
2013-02-02 14:23:44 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# more sure all files are owned by the pandora user
|
2015-03-20 09:28:03 +00:00
|
|
|
mkdir /srv/pandora/data
|
2015-05-02 10:09:53 +00:00
|
|
|
chown -R $PANDORA:$PANDORA /srv/pandora
|
2015-03-20 09:28:03 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# initialize the database
|
2015-05-06 17:00:02 +00:00
|
|
|
echo "Initialize database..."
|
2010-12-02 03:32:06 +00:00
|
|
|
cd /srv/pandora/pandora
|
2015-01-19 15:34:21 +00:00
|
|
|
$MANAGE init_db
|
2019-02-15 09:30:23 +00:00
|
|
|
$MANAGE createcachetable
|
2015-03-20 08:39:35 +00:00
|
|
|
echo "UPDATE django_site SET domain = '$HOST.local', name = '$HOST.local' WHERE 1=1;" | $MANAGE dbshell
|
2011-11-08 17:05:26 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# install pandora systemd services
|
2015-01-19 17:40:32 +00:00
|
|
|
/srv/pandora/ctl install
|
2015-05-02 10:09:53 +00:00
|
|
|
if [ "$PANDORA" != "pandora" ]; then
|
|
|
|
sed -i \
|
2017-03-16 15:26:39 +00:00
|
|
|
-e "s/User=pandora/User=$PANDORA/g" \
|
|
|
|
-e "s/Group=pandora/Group=$PANDORA/g" \
|
2015-05-02 10:09:53 +00:00
|
|
|
-e "s/home\/pandora/home\/$PANDORA/g" \
|
2017-03-16 13:11:15 +00:00
|
|
|
/etc/systemd/system/pandora*.service
|
2017-03-16 15:26:39 +00:00
|
|
|
sed -i "s/pandora pandora/$PANDORA $PANDORA/g" /etc/tmpfiles.d/pandora.conf
|
|
|
|
systemctl daemon-reload
|
2015-05-02 10:09:53 +00:00
|
|
|
fi
|
2015-01-19 17:40:32 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# if pandora is running inside a container, expose backend at port 2620
|
2015-01-19 17:40:32 +00:00
|
|
|
if [ "$LXC" == "yes" ]; then
|
2020-09-21 13:03:27 +00:00
|
|
|
sed -i "s/127.0.0.1/[::]/g" /srv/pandora/pandora/gunicorn_config.py
|
2015-04-29 12:58:11 +00:00
|
|
|
echo "WEBSOCKET_ADDRESS = \"0.0.0.0\"" >> /srv/pandora/pandora/local_settings.py
|
2014-09-30 12:43:22 +00:00
|
|
|
fi
|
2013-07-03 14:25:57 +00:00
|
|
|
/srv/pandora/ctl start
|
2010-12-02 03:32:06 +00:00
|
|
|
|
2013-02-09 10:42:21 +00:00
|
|
|
#logrotate
|
2017-02-15 18:02:34 +00:00
|
|
|
#cp "/srv/pandora/etc/logrotate.d/pandora" "/etc/logrotate.d/pandora"
|
2013-02-09 10:42:21 +00:00
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# configure nginx
|
2017-03-16 15:26:39 +00:00
|
|
|
if [ "$NGINX" == "local" ]; then
|
2013-09-15 17:19:09 +00:00
|
|
|
|
2020-05-29 23:50:53 +00:00
|
|
|
cp "/srv/pandora/etc/nginx/pandora" "/etc/nginx/sites-available/pandora"
|
2020-05-30 11:01:44 +00:00
|
|
|
rm -f /etc/nginx/sites-enabled/default /etc/nginx/sites-enabled/pandora
|
2020-05-29 23:50:53 +00:00
|
|
|
ln -s ../sites-available/pandora /etc/nginx/sites-enabled/pandora
|
|
|
|
|
2013-09-15 17:19:09 +00:00
|
|
|
read -r -d '' GZIP <<EOI
|
|
|
|
gzip_static on;\\
|
|
|
|
\tgzip_http_version 1.1;\\
|
|
|
|
\tgzip_vary on;\\
|
|
|
|
\tgzip_comp_level 6;\\
|
|
|
|
\tgzip_proxied any;\\
|
|
|
|
\tgzip_types text/plain text/css application/json text/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;\\
|
|
|
|
\tgzip_buffers 16 8k;\\
|
|
|
|
\tgzip_disable "MSIE [1-6]\.(?!.*SV1)";
|
|
|
|
EOI
|
|
|
|
|
|
|
|
sed -i -e "s#gzip_disable \"msie6\";#${GZIP}#g" /etc/nginx/nginx.conf
|
|
|
|
|
2024-06-01 09:59:11 +00:00
|
|
|
echo "types { application/javascript js mjs; }" > /etc/nginx/conf.d/mjs.conf
|
|
|
|
|
2010-12-02 03:32:06 +00:00
|
|
|
service nginx restart
|
|
|
|
|
2017-03-16 15:26:39 +00:00
|
|
|
fi
|
|
|
|
|
2019-07-14 16:39:35 +00:00
|
|
|
# additional configurations if installed outside of LXD/LXC
|
2013-08-22 14:26:38 +00:00
|
|
|
if [ "$LXC" == "no" ]; then
|
2019-07-14 16:39:35 +00:00
|
|
|
echo Servers=pool.ntp.org >> /etc/systemd/timesyncd.conf
|
2014-10-10 14:16:54 +00:00
|
|
|
cat > /usr/local/bin/genissue <<EOF
|
2014-10-10 15:54:57 +00:00
|
|
|
#!/bin/sh
|
|
|
|
HOST=\$(ps ax | grep avahi-daemon | grep local | sed "s/.*\[\(.*\)\].*/\1/g" | sed 's/\.$//')
|
2012-04-24 09:56:20 +00:00
|
|
|
echo Welcome to pan.do/ra. Connect via one of these URLs:
|
2012-03-30 14:57:07 +00:00
|
|
|
echo
|
2014-10-10 14:16:54 +00:00
|
|
|
if [ -n "\$HOST" ]; then
|
2013-07-11 15:10:17 +00:00
|
|
|
echo " http://\$HOST/"
|
|
|
|
fi
|
2017-11-07 17:12:47 +00:00
|
|
|
for ip in \$(ip -4 a | grep inet | grep -v peer | grep -v '127.0.0.1' | cut -f1 -d/ | sed s/inet//g | xargs); do
|
2012-03-30 14:57:07 +00:00
|
|
|
echo " http://\$ip/"
|
|
|
|
done
|
|
|
|
echo
|
|
|
|
EOF
|
|
|
|
chmod +x /usr/local/bin/genissue
|
2013-07-03 14:25:57 +00:00
|
|
|
/usr/local/bin/genissue > /etc/issue
|
2012-03-30 14:57:07 +00:00
|
|
|
|
2015-03-14 19:34:54 +00:00
|
|
|
cat > /etc/rc.local <<EOF
|
2012-03-30 14:57:07 +00:00
|
|
|
#!/bin/sh -e
|
2019-07-14 16:39:35 +00:00
|
|
|
# vm has one network interface and that might change, make sure its not persistent
|
2012-03-30 14:57:07 +00:00
|
|
|
rm -f /etc/udev/rules.d/70-persistent-net.rules
|
|
|
|
|
|
|
|
#update issue
|
|
|
|
/usr/local/bin/genissue > /etc/issue
|
|
|
|
EOF
|
|
|
|
chmod +x /etc/rc.local
|
2015-03-14 19:34:54 +00:00
|
|
|
fi
|
|
|
|
|
2015-01-19 17:47:46 +00:00
|
|
|
apt-get clean
|
2013-07-03 14:25:57 +00:00
|
|
|
|
2015-05-02 10:09:53 +00:00
|
|
|
cat > /home/$PANDORA/.vimrc <<EOF
|
2013-07-03 14:25:57 +00:00
|
|
|
set nocompatible
|
|
|
|
set encoding=utf-8
|
|
|
|
set showcmd
|
|
|
|
set autochdir
|
|
|
|
|
|
|
|
set tabstop=4 shiftwidth=4
|
|
|
|
set expandtab
|
|
|
|
|
|
|
|
set si
|
|
|
|
set sw=4
|
|
|
|
set sts=4
|
|
|
|
set backspace=indent,eol,start
|
|
|
|
|
|
|
|
set hlsearch
|
|
|
|
set incsearch
|
|
|
|
set ignorecase
|
|
|
|
set smartcase
|
|
|
|
|
|
|
|
set modeline
|
|
|
|
|
|
|
|
nmap <C-V> "+gP
|
|
|
|
imap <C-V> <ESC><C-V>i
|
|
|
|
vmap <C-C> "+y
|
|
|
|
|
|
|
|
filetype plugin indent on
|
|
|
|
syntax on
|
2014-10-20 15:55:14 +00:00
|
|
|
au BufNewFile,BufRead *.jsonc setf javascript
|
2013-07-03 14:25:57 +00:00
|
|
|
|
|
|
|
nmap <C-H> :tabprev<CR>
|
|
|
|
nmap <C-L> :tabnext<CR>
|
|
|
|
|
|
|
|
hi SpellBad ctermbg=0
|
|
|
|
|
|
|
|
nnoremap <F2> :set invpaste paste?<CR>
|
|
|
|
set pastetoggle=<F2>
|
|
|
|
set showmode
|
2015-09-20 16:50:02 +00:00
|
|
|
|
|
|
|
set lcs=tab:→·,trail:·,nbsp:˽
|
|
|
|
set list
|
2017-11-07 22:10:03 +00:00
|
|
|
if has('mouse')
|
|
|
|
set mouse=
|
|
|
|
endif
|
2013-07-03 14:25:57 +00:00
|
|
|
EOF
|
2019-07-14 16:39:35 +00:00
|
|
|
|
|
|
|
cat > /etc/vim/vimrc.local <<EOF
|
|
|
|
runtime! defaults.vim
|
|
|
|
let g:skip_defaults_vim = 1
|
|
|
|
|
|
|
|
set mouse=
|
|
|
|
EOF
|