samjaninf · June 14, 2017 19:22
diff --git a/ofn installer debian ?.sh b/ofn installer debian ?.sh
 #!/bin/bash

 set -ex

 echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d
 echo 'Acquire::ForceIPv4 "true";' > /etc/apt/apt.conf.d/99force-ipv4

 rm -rf /var/lib/apt/lists/* preseed.txt

 echo "postfix postfix/main_mailer_type string Internet site" > preseed.txt

 debconf-set-selections preseed.txt

 # Install right version of ruby
 mkdir -p /usr/local/etc \
 	&& { \
 		echo 'install: --no-document'; \
 		echo 'update: --no-document'; \
 	} >> /usr/local/etc/gemrc

 buildDeps=' bison dpkg-dev libgdbm-dev ruby autoconf '

 apt-get update -y && apt-get install -y --no-install-recommends locales ca-certificates memcached apt-transport-https libterm-readline-perl-perl locales mc net-tools nginx postfix build-essential chrpath libssl-dev libxft-dev libfreetype6 libfreetype6-dev libfontconfig1 libfontconfig1-dev git $buildDeps

 localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 export LANG=en_US.utf8

 update-ca-certificates -f

 # Clean apt lists
 rm -rf /var/lib/apt/lists/*

 # Install ruby 2.1.5
 if ! command -v ruby >/dev/null 2>&1; then
  cd /tmp
  wget -O ruby.tar.xz "https://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.5.tar.xz"

  mkdir -p /usr/src/ruby
  tar -xJf ruby.tar.xz -C /usr/src/ruby --strip-components=1
  rm ruby.tar.xz

  cd /usr/src/ruby

  # hack in "ENABLE_PATH_CHECK" disabling to suppress:
  #   warning: Insecure world writable dir

    { \
  		echo '#define ENABLE_PATH_CHECK 0'; \
  		echo; \
  		cat file.c; \
    } > file.c.new
  mv file.c.new file.c

  gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"
  ./configure --build="$gnuArch" --disable-install-doc --enable-shared
  make -j "$(nproc)"
  make install

  apt-get purge -y --auto-remove $buildDeps
  cd /
  rm -r /usr/src/ruby
  gem update --system "2.6.12"
  export GEM_HOME=/usr/local/bundle
  export BUNDLE_PATH="$GEM_HOME"
  export BUNDLE_BIN="$GEM_HOME/bin"
  export BUNDLE_SILENCE_ROOT_WARNING=1
  export BUNDLE_APP_CONFIG="$GEM_HOME"
  export PATH=$BUNDLE_BIN:$PATH
  mkdir -p "$GEM_HOME" "$BUNDLE_BIN" && chmod 777 "$GEM_HOME" "$BUNDLE_BIN"

  # Install right postgresql
  key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
  export GNUPGHOME="$(mktemp -d)"; \
  gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
  gpg --export "$key" > /etc/apt/trusted.gpg.d/postgres.gpg; \
  rm -r "$GNUPGHOME"; \
  apt-key list
 fi
 export PG_MAJOR=9.4
 export PG_VERSION=9.4.12-1.pgdg80+1

 echo 'deb http://apt.postgresql.org/pub/repos/apt/ jessie-pgdg main' $PG_MAJOR > /etc/apt/sources.list.d/pgdg.list

 apt-get update \
 	&& apt-get install -y postgresql-common \
 	&& sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf \
 	&& apt-get install -y \
 		postgresql-$PG_MAJOR=$PG_VERSION \
 		postgresql-contrib-$PG_MAJOR=$PG_VERSION \
 	&& rm -rf /var/lib/apt/lists/*

 mv -v /usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample /usr/share/postgresql/ \
 	&& ln -sv ../postgresql.conf.sample /usr/share/postgresql/$PG_MAJOR/ \
 	&& sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /usr/share/postgresql/postgresql.conf.sample

 mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
 export PATH=/usr/lib/postgresql/$PG_MAJOR/bin:$PATH
 export PGDATA=/var/lib/postgresql/data
 mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"


 export OFN_DB=ofn_prod
 export OFN_DB_USER=ofn
 export OFN_DB_PASS=Temple_46

 export POSTGRES_DB=${OFN_DB}
 export POSTGRES_USER=${OFN_DB_USER}
 export POSTGRES_PASSWORD=${OFN_DB_PASS}
 export PGPASSWORD=${OFN_DB_PASS}

 if [ "$POSTGRES_PASSWORD" ]; then
 	pass="PASSWORD '$POSTGRES_PASSWORD'"
 	authMethod=md5
 else
  # The - option suppresses leading tabs but *not* spaces. :)
 	cat >&2 <<-'EOWARN'
 		****************************************************
 		WARNING: No password has been set for the database.
 		         This will allow anyone with access to the
 		         Postgres port to access your database. In
 		         Docker's default configuration, this is
 		         effectively any other container on the same
 		         system.
 		         Use "-e POSTGRES_PASSWORD=password" to set
 		         it in "docker run".
 		****************************************************
 EOWARN

 	pass=
 	authMethod=trust
 fi

 {
 	echo
 	echo "host all all all $authMethod"
 } > "$PGDATA/pg_hba.conf"

 PGUSER="${PGUSER:-postgres}"
 pg_ctl -D "$PGDATA" -o "-c listen_addresses='localhost'" -w start

 export psql=( psql -v ON_ERROR_STOP=1 )

 if [ "$POSTGRES_DB" != 'postgres' ]; then
  "${psql[@]}" --username postgres <<-EOSQL
    CREATE DATABASE "$POSTGRES_DB" ;
  EOSQL
  echo
 fi

 if [ "$POSTGRES_USER" = 'postgres' ]; then
  op='ALTER'
 else
  op='CREATE'
 fi
 "${psql[@]}" --username postgres <<-EOSQL
  $op USER "$POSTGRES_USER" WITH SUPERUSER $pass ;
 EOSQL

 psql+=( --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" )

 PGUSER="${PGUSER:-postgres}" \
 pg_ctl -D "$PGDATA" -m fast -w stop

 # Install Openfoodnetwork
 gem install bundler
 bundle config git.allow_insecure true
 git clone https://github.com/samjaninf/ofn-one /opt/ofn-one
 mkdir /opt/ofn && mv /opt/ofn-one/openfoodnetwork/* /opt/ofn
 # cp openfoodnetwork/. /opt/ofn
 cd /opt/ofn
 bundle install --without test development mysql

 # RUN service postfix start && service nginx start

 #useradd -M -d /opt/ofn -s /bin/bash ofn

 sed -i -e "s#.*tcp_nodelay on.*#        tcp_nodelay off;#" -e "s#.*\# gzip_vary on.*#        gzip_vary on;#" -e "s#.*\# gzip_proxied.*#        gzip_proxied any;#" -e "s#.*\# gzip_http_version.*#        gzip_http_version 1.1;#" -e "s#.*\# gzip_types text/plain text/css application/json application/javascriptt text/xml application/xml application/xml+rss text/javascript;.*#        gzip_types text/plain text/xml text/css text/comma-separated-values text/javascript application/x-javascript application/atom+xml;#" /etc/nginx/nginx.conf

 # install phantomjs
 wget -q https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2 -O phantomjs-2.1.1.tar.bz2
 tar xvjf phantomjs-2.1.1.tar.bz2
 mv phantomjs-2.1.1-linux-x86_64/bin/phantomjs /usr/bin/phantomjs


 export rakeSecret=$(rake secret)
 echo "===> Configuring Openfoodnetwork for production please wait..."

 export OFN_DIR=/opt/ofn
 sed -e "s#production:#${RAILS_ENV}:#" -e "s#.*adapter:.*#  adapter: postgresql#" -e "s#.*username:.*#  username: ${OFN_DB_USER}#" -e "s#.*password:.*#  password: ${OFN_DB_PASS}#" -e "s#.*database:.*#  database: ${OFN_DB}\n  host: ${OFN_DB_HOST}#" < ${OFN_DIR}/config/database.yml.pkgr > ${OFN_DIR}/config/database.yml

 bundle exec rake db:drop
 bundle exec rake db:create
 bundle exec rake db:schema:load
 bundle exec rake db:migrate
 bundle exec rake db:seed
 echo "===> Running assets precompile"
 bundle exec rake assets:precompile


 sed -e "s#.*server_name.*#    server_name ${OFN_URL};#" < /opt/ofn-one/scripts/ofn.conf > /etc/nginx/sites-enabled/ofn.conf

 service nginx start; service postfix start; service memcached start

 # write unicorn.rb file
 cat << EOF > /opt/ofn/config/unicorn.rb
 app_path = File.expand_path(File.dirname(__FILE__) + '/..')

 # amount of unicorn workers to spin up
 worker_processes (ENV['RAILS_ENV'] == 'production' ? 2 : 1)

 # restarts workers that hang for 30 seconds
 timeout 120

 listen app_path + '/tmp/unicorn.sock', backlog: 64

 listen(3000, backlog: 64) if ENV['RAILS_ENV'] == 'development'

 # Set the working directory of this unicorn instance.
 working_directory app_path

 pid app_path + '/tmp/unicorn.pid'

 preload_app true

 # Garbage collection settings.
 GC.respond_to?(:copy_on_write_friendly=) &&
  GC.copy_on_write_friendly = true

 # If using ActiveRecord, disconnect (from the database) before forking.
 before_fork do |server, worker|
  defined?(ActiveRecord::Base) &&
    ActiveRecord::Base.connection.disconnect!
 end

 # After forking, restore your ActiveRecord connection.
 after_fork do |server, worker|
  defined?(ActiveRecord::Base) &&
    ActiveRecord::Base.establish_connection
 end
 EOF

 sed -i -e "s#.*config.force_ssl.*#  config.force_ssl = false#" /opt/ofn/config/environments/production.rb
 sed -i -e "s#.*config.log_level.*#  config.log_level = :info#" /opt/ofn/config/environments/production.rb

 bundle exec unicorn -p 3000 -c config/unicorn.rb -E ${RAILS_ENV} &>> ${OFN_DIR}/log/ofn.log &
	#!/bin/bash

	set -ex

	echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d
	echo 'Acquire::ForceIPv4 "true";' > /etc/apt/apt.conf.d/99force-ipv4

	rm -rf /var/lib/apt/lists/* preseed.txt

	echo "postfix postfix/main_mailer_type string Internet site" > preseed.txt

	debconf-set-selections preseed.txt

	# Install right version of ruby
	mkdir -p /usr/local/etc \
	&& { \
	echo 'install: --no-document'; \
	echo 'update: --no-document'; \
	} >> /usr/local/etc/gemrc

	buildDeps=' bison dpkg-dev libgdbm-dev ruby autoconf '

	apt-get update -y && apt-get install -y --no-install-recommends locales ca-certificates memcached apt-transport-https libterm-readline-perl-perl locales mc net-tools nginx postfix build-essential chrpath libssl-dev libxft-dev libfreetype6 libfreetype6-dev libfontconfig1 libfontconfig1-dev git $buildDeps

	localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
	export LANG=en_US.utf8

	update-ca-certificates -f

	# Clean apt lists
	rm -rf /var/lib/apt/lists/*

	# Install ruby 2.1.5
	if ! command -v ruby >/dev/null 2>&1; then
	cd /tmp
	wget -O ruby.tar.xz "https://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.5.tar.xz"

	mkdir -p /usr/src/ruby
	tar -xJf ruby.tar.xz -C /usr/src/ruby --strip-components=1
	rm ruby.tar.xz

	cd /usr/src/ruby

	# hack in "ENABLE_PATH_CHECK" disabling to suppress:
	# warning: Insecure world writable dir

	{ \
	echo '#define ENABLE_PATH_CHECK 0'; \
	echo; \
	cat file.c; \
	} > file.c.new
	mv file.c.new file.c

	gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"
	./configure --build="$gnuArch" --disable-install-doc --enable-shared
	make -j "$(nproc)"
	make install

	apt-get purge -y --auto-remove $buildDeps
	cd /
	rm -r /usr/src/ruby
	gem update --system "2.6.12"
	export GEM_HOME=/usr/local/bundle
	export BUNDLE_PATH="$GEM_HOME"
	export BUNDLE_BIN="$GEM_HOME/bin"
	export BUNDLE_SILENCE_ROOT_WARNING=1
	export BUNDLE_APP_CONFIG="$GEM_HOME"
	export PATH=$BUNDLE_BIN:$PATH
	mkdir -p "$GEM_HOME" "$BUNDLE_BIN" && chmod 777 "$GEM_HOME" "$BUNDLE_BIN"

	# Install right postgresql
	key='B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8'; \
	export GNUPGHOME="$(mktemp -d)"; \
	gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
	gpg --export "$key" > /etc/apt/trusted.gpg.d/postgres.gpg; \
	rm -r "$GNUPGHOME"; \
	apt-key list
	fi
	export PG_MAJOR=9.4
	export PG_VERSION=9.4.12-1.pgdg80+1

	echo 'deb http://apt.postgresql.org/pub/repos/apt/ jessie-pgdg main' $PG_MAJOR > /etc/apt/sources.list.d/pgdg.list

	apt-get update \
	&& apt-get install -y postgresql-common \
	&& sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf \
	&& apt-get install -y \
	postgresql-$PG_MAJOR=$PG_VERSION \
	postgresql-contrib-$PG_MAJOR=$PG_VERSION \
	&& rm -rf /var/lib/apt/lists/*

	mv -v /usr/share/postgresql/$PG_MAJOR/postgresql.conf.sample /usr/share/postgresql/ \
	&& ln -sv ../postgresql.conf.sample /usr/share/postgresql/$PG_MAJOR/ \
	&& sed -ri "s!^#?(listen_addresses)\s=\s\S+.!\1 = ''!" /usr/share/postgresql/postgresql.conf.sample

	mkdir -p /var/run/postgresql && chown -R postgres:postgres /var/run/postgresql && chmod 2777 /var/run/postgresql
	export PATH=/usr/lib/postgresql/$PG_MAJOR/bin:$PATH
	export PGDATA=/var/lib/postgresql/data
	mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA"


	export OFN_DB=ofn_prod
	export OFN_DB_USER=ofn
	export OFN_DB_PASS=Temple_46

	export POSTGRES_DB=${OFN_DB}
	export POSTGRES_USER=${OFN_DB_USER}
	export POSTGRES_PASSWORD=${OFN_DB_PASS}
	export PGPASSWORD=${OFN_DB_PASS}

	if [ "$POSTGRES_PASSWORD" ]; then
	pass="PASSWORD '$POSTGRES_PASSWORD'"
	authMethod=md5
	else
	# The - option suppresses leading tabs but not spaces. :)
	cat >&2 <<-'EOWARN'
	****************************************************
	WARNING: No password has been set for the database.
	This will allow anyone with access to the
	Postgres port to access your database. In
	Docker's default configuration, this is
	effectively any other container on the same
	system.
	Use "-e POSTGRES_PASSWORD=password" to set
	it in "docker run".
	****************************************************
	EOWARN

	pass=
	authMethod=trust
	fi

	{
	echo
	echo "host all all all $authMethod"
	} > "$PGDATA/pg_hba.conf"

	PGUSER="${PGUSER:-postgres}"
	pg_ctl -D "$PGDATA" -o "-c listen_addresses='localhost'" -w start

	export psql=( psql -v ON_ERROR_STOP=1 )

	if [ "$POSTGRES_DB" != 'postgres' ]; then
	"${psql[@]}" --username postgres <<-EOSQL
	CREATE DATABASE "$POSTGRES_DB" ;
	EOSQL
	echo
	fi

	if [ "$POSTGRES_USER" = 'postgres' ]; then
	op='ALTER'
	else
	op='CREATE'
	fi
	"${psql[@]}" --username postgres <<-EOSQL
	$op USER "$POSTGRES_USER" WITH SUPERUSER $pass ;
	EOSQL

	psql+=( --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" )

	PGUSER="${PGUSER:-postgres}" \
	pg_ctl -D "$PGDATA" -m fast -w stop

	# Install Openfoodnetwork
	gem install bundler
	bundle config git.allow_insecure true
	git clone https://github.com/samjaninf/ofn-one /opt/ofn-one
	mkdir /opt/ofn && mv /opt/ofn-one/openfoodnetwork/* /opt/ofn
	# cp openfoodnetwork/. /opt/ofn
	cd /opt/ofn
	bundle install --without test development mysql

	# RUN service postfix start && service nginx start

	#useradd -M -d /opt/ofn -s /bin/bash ofn

	sed -i -e "s#.tcp_nodelay on.# tcp_nodelay off;#" -e "s#.\# gzip_vary on.# gzip_vary on;#" -e "s#.\# gzip_proxied.# gzip_proxied any;#" -e "s#.\# gzip_http_version.# gzip_http_version 1.1;#" -e "s#.\# gzip_types text/plain text/css application/json application/javascriptt text/xml application/xml application/xml+rss text/javascript;.# gzip_types text/plain text/xml text/css text/comma-separated-values text/javascript application/x-javascript application/atom+xml;#" /etc/nginx/nginx.conf

	# install phantomjs
	wget -q https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2 -O phantomjs-2.1.1.tar.bz2
	tar xvjf phantomjs-2.1.1.tar.bz2
	mv phantomjs-2.1.1-linux-x86_64/bin/phantomjs /usr/bin/phantomjs


	export rakeSecret=$(rake secret)
	echo "===> Configuring Openfoodnetwork for production please wait..."

	export OFN_DIR=/opt/ofn
	sed -e "s#production:#${RAILS_ENV}:#" -e "s#.adapter:.# adapter: postgresql#" -e "s#.username:.# username: ${OFN_DB_USER}#" -e "s#.password:.# password: ${OFN_DB_PASS}#" -e "s#.database:.# database: ${OFN_DB}\n host: ${OFN_DB_HOST}#" < ${OFN_DIR}/config/database.yml.pkgr > ${OFN_DIR}/config/database.yml

	bundle exec rake db:drop
	bundle exec rake db:create
	bundle exec rake db:schema:load
	bundle exec rake db:migrate
	bundle exec rake db:seed
	echo "===> Running assets precompile"
	bundle exec rake assets:precompile


	sed -e "s#.server_name.# server_name ${OFN_URL};#" < /opt/ofn-one/scripts/ofn.conf > /etc/nginx/sites-enabled/ofn.conf

	service nginx start; service postfix start; service memcached start

	# write unicorn.rb file
	cat << EOF > /opt/ofn/config/unicorn.rb
	app_path = File.expand_path(File.dirname(__FILE__) + '/..')

	# amount of unicorn workers to spin up
	worker_processes (ENV['RAILS_ENV'] == 'production' ? 2 : 1)

	# restarts workers that hang for 30 seconds
	timeout 120

	listen app_path + '/tmp/unicorn.sock', backlog: 64

	listen(3000, backlog: 64) if ENV['RAILS_ENV'] == 'development'

	# Set the working directory of this unicorn instance.
	working_directory app_path

	pid app_path + '/tmp/unicorn.pid'

	preload_app true

	# Garbage collection settings.
	GC.respond_to?(:copy_on_write_friendly=) &&
	GC.copy_on_write_friendly = true

	# If using ActiveRecord, disconnect (from the database) before forking.
	before_fork do \|server, worker\|
	defined?(ActiveRecord::Base) &&
	ActiveRecord::Base.connection.disconnect!
	end

	# After forking, restore your ActiveRecord connection.
	after_fork do \|server, worker\|
	defined?(ActiveRecord::Base) &&
	ActiveRecord::Base.establish_connection
	end
	EOF

	sed -i -e "s#.config.force_ssl.# config.force_ssl = false#" /opt/ofn/config/environments/production.rb
	sed -i -e "s#.config.log_level.# config.log_level = :info#" /opt/ofn/config/environments/production.rb

	bundle exec unicorn -p 3000 -c config/unicorn.rb -E ${RAILS_ENV} &>> ${OFN_DIR}/log/ofn.log &
No results found