install-eg.sh: SSL setup
[sitka/sitka-tools.git] / deployment / install-eg.sh
1 #!/bin/bash
2 # IMPORTANT! This script assumes you have already installed OpenSRF.
3
4 HOSTNAME="nonprod"
5 DEFAULT_USER="sitkastaff"
6 HOMEDIR="/home/${DEFAULT_USER}"
7 #EGRELEASE="Evergreen-ILS-2.10.beta"
8 #BUILDDIR="${HOMEDIR}/${EGRELEASE}"
9 BUILDDIR="${HOMEDIR}/evergreen"
10 INSTALLDIR="/srv/openils"
11 BRANCH="production/sitka_2_10_tpac"
12 STAMP_ID="rel_2_10_2"
13 ALT_STAMP_IDS="rel_2_10_2_sitka_0 2_10_2_sitka_0 2_10_2 rel_2_10_1 2_10_1 rel_2_10_0 2_10_0 rel_2_10_beta 2_10_beta"
14 VERSION="2.10.2.sitka.0"
15 SITKACONF="${HOMEDIR}/sysadmin"
16 SITKACONF_BRANCH="master"
17 SITKATOOLS="/root/sitka-tools"
18
19 THISHOST=`hostname -s`
20
21 suwrap() {
22   su -s /bin/bash -c "source ~/.bashrc ; $1" $2
23 }
24
25 while getopts ":p" opt ; do
26   case $opt in
27     p ) PROD="prod";;
28     e ) EDI="edi";;
29     c ) CRONTAB="crontab";;
30   esac
31 done
32 shift $(($OPTIND - 1))
33
34 if [[ -n "$PROD" ]] ; then
35   echo 'this is a production install'
36 else
37   echo 'this is NOT a production install'
38 fi
39
40 # as DEFAULT_USER
41
42 # grab Sitka config files
43 if [ ! -d "${SITKACONF}" ]
44 then
45   # this will fail unless DEFAULT_USER has read access to the repo
46   suwrap "cd ${HOMEDIR} && git clone git+ssh://git@git.sitka.bclibraries.ca/sitka-infra/sysadmin" ${DEFAULT_USER}
47 fi
48 suwrap "cd ${SITKACONF} && git fetch origin && git checkout ${SITKACONF_BRANCH} && git pull" ${DEFAULT_USER}
49
50 # checkout EG source
51 if [ ! -d "${BUILDDIR}" ]
52 then
53   suwrap "cd ${HOMEDIR} && git clone git://git.sitka.bclibraries.ca/sitka/evergreen evergreen" ${DEFAULT_USER}
54 fi
55 suwrap "cd ${BUILDDIR} && git fetch origin && git checkout ${BRANCH} && git pull" ${DEFAULT_USER}
56
57 # download and unpack EG release
58 #rm -rf ${BUILDDIR}
59 #suwrap "cd ${HOMEDIR} && wget http://open-ils.org/downloads/${EGRELEASE}.tar.gz && tar xzf ${EGRELEASE}.tar.gz" ${DEFAULT_USER}
60  
61 # as root
62 cd ${BUILDDIR} && make -f Open-ILS/src/extras/Makefile.install ubuntu-trusty
63 #cd ${BUILDDIR} && make -f Open-ILS/src/extras/Makefile.install ubuntu-trusty-developer # required for web client
64 # by default, CPAN needs some manual input at this point; you can just accept all defaults
65  
66 # as DEFAULT_USER
67 suwrap "cd ${BUILDDIR} && autoreconf -i" ${DEFAULT_USER} # not required for release versions
68 suwrap "PATH=${INSTALLDIR}/bin:\$PATH cd ${BUILDDIR} && PATH=${INSTALLDIR}/bin:\$PATH ./configure -C --prefix=${INSTALLDIR} --sysconfdir=${INSTALLDIR}/conf --with-opensrf-headers=${INSTALLDIR}/include/ --with-opensrf-libs=${INSTALLDIR}/lib/" ${DEFAULT_USER}
69 suwrap "cd ${BUILDDIR} && make" ${DEFAULT_USER}
70 suwrap "cd ${BUILDDIR}/build/i18n && make LOCALE=fr-CA install && make LOCALE=en-CA install" ${DEFAULT_USER}
71  
72 # as root
73 cd ${BUILDDIR} && make STAFF_CLIENT_VERSION=${VERSION} STAFF_CLIENT_STAMP_ID=${STAMP_ID} install
74 mv ${INSTALLDIR}/var/web/reports/fm_IDL.xml ${INSTALLDIR}/var/web/reports/fm_IDL.xml.orig && cp ${INSTALLDIR}/conf/fm_IDL.xml ${INSTALLDIR}/var/web/reports/
75  
76 # Apache stuff (as root):
77 APACHEFILES="/etc/apache2/eg_vhost.conf /etc/apache2/eg_startup /etc/apache2/envvars"
78 for APACHEFILE in ${APACHEFILES}
79 do
80   mv ${APACHEFILE} ${APACHEFILE}.`date +%Y-%m-%d-%H%M%S`
81   cp ${SITKACONF}/files/${APACHEFILE}/${HOSTNAME} ${APACHEFILE}
82 done
83 # ensure opensrf can run Apache
84 chown -R opensrf:opensrf /var/lock/apache2
85
86 # More Apache stuff for non-production sites (we manage this with Puppet on prod)
87 if [[ ! -n "$PROD" ]] ; then
88   if [ ! -d "/etc/apache2/includes" ] ; then
89     mkdir /etc/apache2/includes
90   fi
91   SITECONFIGS="/etc/apache2/includes/498-ssl-star.catalogue.libraries.coop-include /etc/apache2/includes/499-rewrites.conf-include /etc/apache2/includes/default.conf-include /etc/apache2/sites-available/eg.conf /etc/apache2/sites-available/499-star.catalogue.libraries.coop.conf"
92   for SITECONFIG in ${SITECONFIGS} ; do
93     mv ${SITECONFIG} ${SITECONFIG}.bak
94     cp ${SITKACONF}/files/${SITECONFIG}/${HOSTNAME} ${SITECONFIG}
95     sed -i "s|__NONPROD__|${THISHOST}|g" ${SITECONFIG}
96   done
97   if [ ! -d "/etc/apache2/ssl/libraries.coop/star.catalogue.libraries.coop" ]
98   then
99     mkdir -p /etc/apache2/ssl/libraries.coop/star.catalogue.libraries.coop
100     cp ${SITKACONF}/files/etc/ssl/apache2/star.catalogue.libraries.coop/star.catalogue.libraries.coop.crt /etc/apache2/ssl/libraries.coop/star.catalogue.libraries.coop/star_catalogue_libraries_coop.crt
101     cp ${SITKACONF}/files/etc/ssl/apache2/star.catalogue.libraries.coop/star.catalogue.libraries.coop.key /etc/apache2/ssl/libraries.coop/star.catalogue.libraries.coop/star_catalogue_libraries_coop.key
102     cp ${SITKACONF}/files/etc/ssl/apache2/star.catalogue.libraries.coop/star.catalogue.libraries.coop.ca /etc/apache2/ssl/libraries.coop/star.catalogue.libraries.coop/star_catalogue_libraries_coop.ca
103   fi
104   a2ensite eg.conf
105   a2ensite 499-star.catalogue.libraries.coop.conf
106 fi
107
108 # install default crontab, if specified
109 if [[ -c "$CRONTAB" ]]; then
110   if [ ! -f "/etc/cron.d/evergreen-dailies" ] ; then
111     cp ${SITKACONF}/files/etc/cron.d/evergreen-dailies/${HOSTNAME} /etc/cron.d/evergreen-dailies
112   fi
113 fi
114
115 # set up log rotation
116 if [[ ! -n "$PROD" ]] ; then
117   if [ ! -f "/etc/logrotate.d/evergreen" ]
118   then
119     cp ${SITKACONF}/files/etc/logrotate.d/evergreen/${HOSTNAME} /etc/logrotate.d/evergreen
120   fi
121 fi
122
123 # action trigger filters (prod only)
124 if [[ -n "$PROD" ]] ; then
125   if [ -f "${INSTALLDIR}/conf/action_trigger_filters.json" ] ; then
126     mv ${INSTALLDIR}/conf/action_trigger_filters.json ${INSTALLDIR}/conf/action_trigger_filters.json.`date +%Y-%m-%d-%H%M%S`
127   fi
128   cp ${SITKACONF}/files/${INSTALLDIR}/conf/action_trigger_filters.json/${HOSTNAME} ${INSTALLDIR}/conf/action_trigger_filters.json
129 fi
130  
131 # 0. osrf conf stuff 
132 # FIXME: ensure osrf conf files point at a real, distinct db!
133 OSRFCONFFILES="${INSTALLDIR}/conf/opensrf.xml ${INSTALLDIR}/conf/opensrf_core.xml"
134 for OSRFCONFFILE in ${OSRFCONFFILES}
135 do
136   mv ${OSRFCONFFILE} ${OSRFCONFFILE}.`date +%Y-%m-%d-%H%M%S`
137   cp ${SITKACONF}/files/${OSRFCONFFILE}/${HOSTNAME} ${OSRFCONFFILE}
138   sed -i "s|__HOSTNAME__|${THISHOST}|g" ${OSRFCONFFILE}
139 done
140 if [ ! -f "/home/opensrf/.srfsh.xml" ]
141 then
142   cp ${SITKACONF}/files/home/opensrf/.srfsh.xml/${HOSTNAME} /home/opensrf/.srfsh.xml
143 fi 
144
145 # 1. install dojo
146 if [ ! -f "/home/opensrf/dojo-release-1.3.3.tar.gz" ]
147 then
148   cd /home/opensrf && wget http://download.dojotoolkit.org/release-1.3.3/dojo-release-1.3.3.tar.gz
149 fi
150 tar -C ${INSTALLDIR}/var/web/js -xzf /home/opensrf/dojo-release-1.3.3.tar.gz
151 cp -r ${INSTALLDIR}/var/web/js/dojo-release-1.3.3/* ${INSTALLDIR}/var/web/js/dojo/.
152 # FIXME stock dojo is probably superfluous when we use the following Evergreen-specific tarball...
153 if [ ! -f "/home/opensrf/dojo.tgz" ] ; then
154   cd /home/opensrf && wget http://evergreen-ils.org/downloads/dojo.tgz
155 fi
156 tar -C ${INSTALLDIR}/var/web/js/dojo/ -zxf /home/opensrf/dojo.tgz
157  
158 # 2. set up staff client
159 cd ${INSTALLDIR}/var/web/xul && rm server && rm current
160 cd ${INSTALLDIR}/var/web/xul && ln -s ${STAMP_ID} current && ln -s current/server server
161 for ALT_STAMP_ID in ${ALT_STAMP_IDS}
162 do
163   cd ${INSTALLDIR}/var/web/xul && ln -s current ${ALT_STAMP_ID}
164 done
165  
166 # 3. install circ scripts and opac skins - DEPRECATED
167
168 # 4a. avoid 404s
169 touch ${INSTALLDIR}/var/web/css/skin/default/register_custom.css
170 touch ${INSTALLDIR}/var/web/xul/server/locale/en-CA/patron_custom.properties
171 touch ${INSTALLDIR}/var/web/xul/server/locale/en-CA/common_custom.properties
172 touch ${INSTALLDIR}/var/web/xul/server/locale/en-CA/offline_custom.properties
173 touch ${INSTALLDIR}/var/web/xul/server/locale/en-CA/auth_custom.properties
174 touch ${INSTALLDIR}/var/web/xul/server/locale/en-CA/cat_custom.properties
175 touch ${INSTALLDIR}/var/web/xul/server/locale/en-CA/circ_custom.properties
176 touch ${INSTALLDIR}/var/web/xul/server/locale/en-US/patron_custom.properties
177 touch ${INSTALLDIR}/var/web/xul/server/locale/en-US/common_custom.properties
178 touch ${INSTALLDIR}/var/web/xul/server/locale/en-US/offline_custom.properties
179 touch ${INSTALLDIR}/var/web/xul/server/locale/en-US/auth_custom.properties
180 touch ${INSTALLDIR}/var/web/xul/server/locale/en-US/cat_custom.properties
181 touch ${INSTALLDIR}/var/web/xul/server/locale/en-US/circ_custom.properties
182 touch ${INSTALLDIR}/var/web/xul/server/skin/custom.js
183
184 # 4b. workaround for LP#1461683
185 cd ${INSTALLDIR}/var/web/xul/server/locale/en-CA && mv multiclass_search_help.html multiclass_search_help.html.orig && ln -s ../en-US/multiclass_search_help.html
186
187 # 5. locale hack - XXX deprecated?
188 #cd ${INSTALLDIR}/var/web/opac/locale && cp -fdr en-US en-US-bak && cp -fdr en-CA en-US
189  
190 # 6. deletepatron
191 # ensure apache conf contains deletepatron config (location should be ${INSTALLDIR}/var/web/deletepatron)
192 if [[ ! -d "${INSTALLDIR}/var/web/deletepatron" ]] ; then
193   NEW_DELETEPATRON_INSTALL="true"
194   cd ${INSTALLDIR}/var/web && git clone https://github.com/twirlip/deletepatron.git
195 fi
196 cd ${INSTALLDIR}/var/web/deletepatron && git checkout eg22
197 if [[ -n "$NEW_DELETEPATRON_INSTALL" ]] ; then
198   find ${INSTALLDIR}/var/web/deletepatron -name "*.pm" | xargs sed -i -e 's|/openils|/srv/openils|g'
199 fi
200 apt-get install -y libcgi-session-perl libhtml-template-perl
201
202 # 7. support scripts
203 cp ${BUILDDIR}/Open-ILS/src/support-scripts/generate_circ_notices.pl ${INSTALLDIR}/bin
204 cp ${BUILDDIR}/Open-ILS/src/support-scripts/oils_header.pl ${INSTALLDIR}/bin
205
206 # 7.5 EDI (optional)
207 if [[ -n "$EDI" ]] ; then
208   cp -r ${BUILDDIR}/Open-ILS/src/edi_translator ${INSTALLDIR}/var/edi
209   cd ${INSTALLDIR}/var/edi && ./install.sh
210   cp ${BUILDDIR}/Open-ILS/src/support-scripts/edi_pusher.pl ${INSTALLDIR}/bin
211   cp ${BUILDDIR}/Open-ILS/src/support-scripts/edi_fetcher.pl ${INSTALLDIR}/bin
212   cp ${SYSADMIN}/files/${INSTALLDIR}/bin/edi_per_account_fetcher.sh ${INSTALLDIR}/bin/edi_per_account_fetcher.sh
213 fi
214
215 # 8. setup start page
216 if [ ! -d "${INSTALLDIR}/var/web/news" ]
217 then
218   mkdir ${INSTALLDIR}/var/web/news
219 fi
220 if [ ! -d "${INSTALLDIR}/var/web/news/media" ]
221 then
222   mkdir ${INSTALLDIR}/var/web/news/media
223 fi
224 NEWSFILES="index.html style.css media/logo.png media/book.png media/policy.png media/dash.png media/delete.png"
225 for NEWSFILE in ${NEWSFILES}
226 do
227   if [ -f "${SITKACONF}/files/${INSTALLDIR}/var/web/news/${NEWSFILE}/${HOSTNAME}" ]
228   then
229     cp ${SITKACONF}/files/${INSTALLDIR}/var/web/news/${NEWSFILE}/${HOSTNAME} ${INSTALLDIR}/var/web/news/${NEWSFILE}
230   fi
231 done
232 if [[ -n "$PROD" ]] ; then
233   if [ ! -e "${INSTALLDIR}/var/web/news/wikipull.pl" ] ; then cp ${SITKACONF}/files/${INSTALLDIR}/var/web/news/wikipull.pl/${HOSTNAME} ${INSTALLDIR}/var/web/news/wikipull.pl ; fi
234   if [ ! -e "/etc/cron.d/news" ] ; then cp ${SITKACONF}/files/etc/cron.d/news/${HOSTNAME} /etc/cron.d/news ; fi
235 else
236   # nonprod server, auto-update splash page with install info
237   TODAY=`date +'%A %d %B %Y'`
238   sed -i "s|__THISHOST__|${THISHOST}|g" ${INSTALLDIR}/var/web/news/index.html
239   sed -i "s|__TODAY__|${TODAY}|g" ${INSTALLDIR}/var/web/news/index.html
240   sed -i "s|__VERSION__|${VERSION}|g" ${INSTALLDIR}/var/web/news/index.html
241   sed -i "s|__BRANCH__|${BRANCH}|g" ${INSTALLDIR}/var/web/news/index.html
242 fi
243
244 # 8.5 offline patron list
245 if [ ! -d "${INSTALLDIR}/var/data/offline/blocked" ] ; then 
246   # TODO: handle prod - an NFS share should exist
247   if [[ ! -n "$PROD" ]] ; then
248     mkdir -p ${INSTALLDIR}/var/data/offline/blocked
249   fi
250 fi
251 if [ ! -e "${INSTALLDIR}/var/web/standalone/list.txt" ] ; then ln -sf ${INSTALLDIR}/var/data/offline/blocked/patron-block-list.txt ${INSTALLDIR}/var/web/standalone/list.txt ; fi
252 if [ ! -e "${INSTALLDIR}/bin/update-offline-blocked-list.sh" ] ; then cp ${SITKATOOLS}/maintenance/update-offline-blocked-list.sh ${INSTALLDIR}/bin/update-offline-blocked-list.sh ; fi
253
254 cp ${SITKACONF}/files${INSTALLDIR}/var/data/zips.txt/${HOSTNAME} ${INSTALLDIR}/var/data/zips.txt
255
256 cp -r ${SITKATOOLS}/overdrive-eg-opac/build/* ${INSTALLDIR}/var/web/js/ui/default/opac
257 ODAPI_LIBS="bc mb"
258 for ODAPI_LIB in ${ODAPI_LIBS} ; do
259   cp ${SITKACONF}/files/${INSTALLDIR}/var/web/js/ui/default/opac/${ODAPI_LIB}/od_config.js ${INSTALLDIR}/var/web/js/ui/default/opac/${ODAPI_LIB}/od_config.js
260 done
261
262 # install mobile PAC
263 cd ${INSTALLDIR}/var/web/opac/extras && git clone git://git.sitka.bclibraries.ca/sitka/mobile-evergreen-opac.git mobile
264
265 # 9. make sure opensrf owns all the stuff we just did
266 echo 'managing file permissions...'
267 if [[ ! -n "$PROD" ]] ; then
268   chown -R opensrf:opensrf ${INSTALLDIR} 2>/dev/null
269 else
270   for file in `ls -1 ${INSTALLDIR} | grep -v var` ; do chown -R opensrf:opensrf ${INSTALLDIR}/$file ; done
271   chown opensrf:opensrf ${INSTALLDIR}/var
272   for file in `ls -1 ${INSTALLDIR}/var | egrep -v '(data|tmp|web)'` ; do chown -R opensrf:opensrf ${INSTALLDIR}/var/$file ; done
273   chown opensrf:opensrf ${INSTALLDIR}/var/data ${INSTALLDIR}/var/web
274   for file in `ls -1 ${INSTALLDIR}/var/data | grep -v offline` ; do chown -R opensrf:opensrf ${INSTALLDIR}/var/data/$file ; done
275   for file in `ls -1 ${INSTALLDIR}/var/web | grep -v reporter` ; do chown -R opensrf:opensrf ${INSTALLDIR}/var/web/$file ; done
276 fi
277 chown -R opensrf:opensrf /home/opensrf
278 SKINDIRS="${INSTALLDIR}/var/skins ${INSTALLDIR}/var/web/css/skin"
279 for SKINDIR in ${SKINDIRS} ; do
280   if [[ ! -d "${SKINDIR}" ]] ; then mkdir ${SKINDIR} ; fi
281   chmod 777 ${SKINDIR}
282   chown -R sitkastaff:sitkastaff ${SKINDIR}
283 done
284 chown -R sitkastaff:sitkastaff ${INSTALLDIR}/conf/kpac ${INSTALLDIR}/var/web/images/kpac
285
286 # 10. staff client stuff
287 apt-get install -y nsis unzip
288
289 # 11. integrity checker prereqs
290 apt-get install -y libconfig-simple-perl libgit-repository-perl libdate-manip-perl
291
292 # 12. paper overdue prereqs
293 apt-get install -y python-reportlab python-reportlab-accel unifont