umorpha-boxes/modules/service-bookstack.sh

129 lines
4.2 KiB
Bash
Raw Permalink Normal View History

2023-12-11 20:14:08 +00:00
#!/hint/bash -euE
2024-01-25 21:00:47 +00:00
# Copyright (C) 2023-2024 Umorpha Systems
2023-12-11 20:14:08 +00:00
# SPDX-License-Identifier: AGPL-3.0-or-later
load_module "$(dirname -- "${BASH_SOURCE[0]}")/base-uwsgi.sh"
load_module "$(dirname -- "${BASH_SOURCE[0]}")/base-nginx.sh"
2023-12-14 06:04:24 +00:00
load_module "$(dirname -- "${BASH_SOURCE[0]}")/base-mariadb.sh"
2023-12-11 20:14:08 +00:00
packages+=(
uwsgi-plugin-php
)
post_install+=(20:bookstack:post_install)
bookstack:post_install() {
local arg_mountpoint=$1
install -Dm644 /dev/stdin "$arg_mountpoint/etc/nginx/sites/bookstack.conf" <<-'EOF'
# -*- mode: nginx; nginx-indent-level: 4; intent-tabs-mode: nil -*-
server {
server_name bookstack.mothstuff.lol;
include /etc/nginx/snippets/listen.conf;
2024-01-25 10:27:59 +00:00
error_log /var/log/nginx/main-error.http.bookstack.mothstuff.lol.log error;
2023-12-11 20:14:08 +00:00
root /usr/share/webapps/bookstack/public;
index index.php index.html;
2023-12-14 10:05:09 +00:00
location / {
try_files $uri $uri/ /index.php?$query_string;
}
2023-12-11 20:14:08 +00:00
location /index.php {
uwsgi_cache_key $host$request_uri;
uwsgi_cache_valid 5m;
include uwsgi_params;
uwsgi_modifier1 14; # Standard PHP request
uwsgi_pass unix:/run/uwsgi/bookstack.sock;
}
}
EOF
2023-12-15 07:08:13 +00:00
install -Dm755 /dev/stdin "$arg_mountpoint/etc/webapps/bookstack/config.env.gen" <<-'EOF'
2023-12-11 20:14:08 +00:00
#!/usr/bin/env bash
cat <<CFGEOF
APP_KEY=$(cat /etc/umorpha-secrets/bookstack-app-key.txt)
APP_URL=https://bookstack.mothstuff.lol
DB_HOST=localhost
DB_DATABASE=bookstack
DB_USERNAME=bookstack
MAIL_DRIVER=smtp
MAIL_HOST=mail.infomaniak.com
MAIL_PORT=465
MAIL_ENCRYPTION=tls
MAIL_USERNAME=$(cat /etc/umorpha-secrets/bookstack-infomaniak-mailaddr.txt)
MAIL_PASSWORD=$(cat /etc/umorpha-secrets/bookstack-infomaniak-mailpassword.txt)
MAIL_FROM=$(cat /etc/umorpha-secrets/bookstack-infomaniak-mailaddr.txt)
MAIL_FROM_NAME="Umorpha BookStack"
AUTH_METHOD=oidc
2023-12-15 07:08:13 +00:00
AUTH_AUTO_INITIATE=false
2023-12-11 20:14:08 +00:00
OIDC_NAME=Infomaniak
OIDC_DISPLAY_NAME_CLAIMS=name
OIDC_CLIENT_ID=$(cat /etc/umorpha-secrets/bookstack-infomaniak-clientid.txt)
OIDC_CLIENT_SECRET=$(cat /etc/umorpha-secrets/bookstack-infomaniak-clientsecret.txt)
OIDC_ISSUER=https://login.infomaniak.com
OIDC_ISSUER_DISCOVER=true
CFGEOF
EOF
2023-12-15 21:21:30 +00:00
# https://github.com/BookStackApp/BookStack/pull/4726
2023-12-15 18:46:37 +00:00
local patchfile
patchfile=$(realpath -- "$(dirname -- "${BASH_SOURCE[0]}")/0001-Oidc-Properly-query-the-UserInfo-Endpoint.patch")
2023-12-15 18:03:12 +00:00
pushd "$arg_mountpoint/usr/share/webapps/bookstack"
2023-12-15 18:46:37 +00:00
patch -p1 -i "$patchfile"
2023-12-15 18:03:12 +00:00
popd
2023-12-15 07:08:13 +00:00
2023-12-11 20:14:08 +00:00
install -Dm644 /dev/stdin "$arg_mountpoint/etc/systemd/system/bookstack-init.service" <<-'EOF'
[Unit]
Description=Initialize BookStack configuration
Before=uwsgi@bookstack.service
2023-12-14 08:07:09 +00:00
Requires=mariadb.service
After=mariadb.service
2023-12-11 20:14:08 +00:00
ConditionPathExists=/etc/umorpha-secrets/bookstack-app-key.txt
ConditionPathExists=/etc/umorpha-secrets/bookstack-infomaniak-mailaddr.txt
ConditionPathExists=/etc/umorpha-secrets/bookstack-infomaniak-mailpassword.txt
ConditionPathExists=/etc/umorpha-secrets/bookstack-infomaniak-clientid.txt
ConditionPathExists=/etc/umorpha-secrets/bookstack-infomaniak-clientsecret.txt
[Service]
Type=oneshot
2023-12-15 18:03:12 +00:00
ExecStart=/etc/webapps/bookstack/post-install
2023-12-14 10:05:09 +00:00
EOF
2023-12-15 07:08:13 +00:00
local phpset=(
extension=pdo_mysql.so
extension=iconv.so
extension=gd.so
)
2023-12-15 18:03:12 +00:00
install -Dm755 /dev/stdin "$arg_mountpoint/etc/webapps/bookstack/post-install" <<-EOF
2023-12-14 10:05:09 +00:00
#!/bin/sh
2023-12-15 07:08:13 +00:00
set -x
sudo -u bookstack sh -c "umask 0077; /etc/webapps/bookstack/config.env.gen >/etc/webapps/bookstack/config.env"
2023-12-14 10:05:09 +00:00
if ! [ -e /var/lib/mysql/bookstack/db.opt ]; then
sudo -u mysql mariadb --execute="CREATE DATABASE bookstack; CREATE USER 'bookstack'@'localhost'; GRANT ALL ON bookstack.* TO 'bookstack'@'localhost'; FLUSH PRIVILEGES;"
fi
2023-12-15 07:08:13 +00:00
sudo -u bookstack sh -c "cd /usr/share/webapps/bookstack && php ${phpset[*]/#/-d } ./artisan migrate --no-interaction --force"
2023-12-11 20:14:08 +00:00
EOF
mkdir -p -- "$arg_mountpoint/etc/systemd/system/uwsgi@bookstack.service.wants"
ln -s "../bookstack-init.service" "$arg_mountpoint/etc/systemd/system/uwsgi@bookstack.service.wants"
2023-12-15 07:08:13 +00:00
install -Dm644 /dev/stdin "$arg_mountpoint/etc/uwsgi/bookstack.ini" <<-EOF
2023-12-11 20:14:08 +00:00
[uwsgi]
master = true
processes = 4
uid = %n
gid = http
plugins = php
2023-12-15 07:08:13 +00:00
${phpset[*]/#/$'\nphp-set = '}
2023-12-11 20:14:08 +00:00
EOF
systemctl --root="$arg_mountpoint" enable uwsgi@bookstack.socket
}