t0xa/old_console
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
old_console/deb_old/skeleton/DEBIAN/postinst
pro100ton ed782d491a Initial migration
2024-11-02 14:12:45 +03:00

179 lines
6 KiB
Bash
Raw Permalink Blame History

#!/bin/bash
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <postinst> `abort-remove'
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
set -e # fail on any error
PROJECT=armaconsole
# USERS CONFIG
PROJECT_USER="${PROJECT}"
PROJECT_GROUP="www-data"
PROJECT_CHOWNER="${PROJECT_USER}:${PROJECT_GROUP}"
SUDOERS_FILE_PATH="/etc/sudoers.d/${PROJECT}"
# SYSTEMCTL CONFIG
SYSCTL_AMC_SERVICES="amcgunicorn amccelery amccelerybeat amccorrelator amclicense amcchecker amcvector"
SYSCTL_ALL_SERVICES="${SYSCTL_AMC_SERVICES} postgresql nginx elasticsearch redis-server"
# AMC DIRS
AMC_ETC="/etc/${PROJECT}"
AMC_HOME="/usr/local/${PROJECT}"
AMC_WWW="/var/www/${PROJECT}"
AMC_PUBLIC="${AMC_WWW}/public"
# CERTS PATHES
CORE_CERT_PATH="${AMC_PUBLIC}/media/certificate.crt"
CORE_PRIV_KEY_PATH="${AMC_PUBLIC}/media/certificate.key"
NGINX_SSL_PATH="/etc/nginx/ssl/${PROJECT}"
NGINX_CERT_PATH="${NGINX_SSL_PATH}/nginx-selfsigned.crt"
NGINX_PRIV_KEY_PATH="${NGINX_SSL_PATH}/nginx-selfsigned.key"
NGINX_DHPARAM_PATH="${NGINX_SSL_PATH}/dhparam.pem"
NGINX_CERT_SUBJ="/C=RU/ST=Moscow/L=Moscow/O=ARMA/CN=iwarma.ru"
# ======[ Trap Errors ]======#
set -E # let shell functions inherit ERR trap
trap err_handler 1 2 3 15 ERR # Trap non-normal exit signals: 1/HUP, 2/INT, 3/QUIT, 15/TERM, ERR
# shellcheck disable=SC2128
function err_handler() {
local exit_status=${1:-$?}
logger -s -p "syslog.err" -t "${PROJECT}.deb" \
"${PROJECT}.deb script '$0' error code $exit_status (line $BASH_LINENO: '$BASH_COMMAND')"
exit "$exit_status"
}
. /usr/share/debconf/confmodule
# shellcheck disable=SC2034
# shellcheck disable=SC1090
if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then
. /usr/share/dbconfig-common/dpkg/postinst.pgsql
. "${AMC_ETC}/env.prod"
dbc_generate_include_owner="${PROJECT_CHOWNER}"
dbc_generate_include_perms="0640"
dbc_generate_include="sh:${DEBCONF_DBCONF_FPATH}"
dbc_pgsql_createdb_encoding="UTF8"
dbc_go "${PROJECT}" "$@"
fi
DEBUG_INSTALL="${DEBUG_INSTALL:-0}"
[ "$DEBUG_INSTALL" == "1" ] && set -x
[ "$DEBUG_INSTALL" == "1" ] && echo "Calling postinst $*"
function backup_config() {
fpath="$1"
if [ -f "${fpath}" ] && [ ! -f "${fpath}.AMCBK" ]; then
mv "${fpath}" "${fpath}.AMCBK"
fi
}
function backup_and_copy_config() {
fpath="$1"
if [ -f "${fpath}" ] && [ ! -f "${fpath}.AMCBK" ]; then
cp -f "${fpath}" "${fpath}.AMCBK"
fi
}
function restore_config() {
fpath="$1"
if [ -f "${fpath}.AMCBK" ]; then
rm -f "${fpath}"
mv "${fpath}.AMCBK" "${fpath}"
fi
}
function backup_and_link_config() {
path_from="$1"
path_to="$2"
restore_config "${path_to}"
backup_config "${path_to}"
rm -f "${path_to}"
ln -sf "${path_from}" "${path_to}"
}
set -u # treat unset variables as errors
case "$1" in
configure | abort-remove)
# Logstash
# backup_and_link_config "${AMC_ETC}/logstash.yml" "/etc/logstash/logstash.yml"
# ln -sf "/etc/logstash/conf.d/" "${AMC_PUBLIC}/logstash"
# chmod 777 "${AMC_PUBLIC}/logstash" # TODO change folder and owner instead 777
# Vector
# backup_and_link_config "${AMC_ETC}/vector.yml" "/etc/vector/vector.yml"
# ln -sf "/etc/vector/conf.d/" "${AMC_PUBLIC}/vector"
mkdir -p "${AMC_PUBLIC}/vector"
mkdir -p "${AMC_WWW}/vector"
# Elasticsearch
backup_and_link_config "${AMC_ETC}/elasticsearch.yml" "/etc/elasticsearch/elasticsearch.yml"
mkdir -p "/usr/share/elasticsearch/data"
chmod 777 "/usr/share/elasticsearch/data" &>/dev/null
if [ -f /.dockerenv ]; then
backup_and_copy_config "/etc/elasticsearch/jvm.options"
sed -i 's|^#\?-Djava.io.tmpdir=.*|-Djava.io.tmpdir=/var/log/elasticsearch|' /etc/elasticsearch/jvm.options
sed -i 's|^[# ]*-Xms[0-9]\+g *$|-Xms2g|' /etc/elasticsearch/jvm.options
sed -i 's|^[# ]*-Xmx[0-9]\+g *$|-Xmx2g|' /etc/elasticsearch/jvm.options
# backup_and_copy_config "/etc/logstash/jvm.options"
# sed -i 's|^#\?-Djava.io.tmpdir=.*|-Djava.io.tmpdir=/var/log/logstash|' /etc/logstash/jvm.options
# sed -i 's|^[# ]*-Xms[0-9]\+g *$|-Xms2g|' /etc/logstash/jvm.options
# sed -i 's|^[# ]*-Xmx[0-9]\+g *$|-Xmx2g|' /etc/logstash/jvm.options
fi
# Nginx
rm -f "/etc/nginx/sites-enabled/default"
cp -f "${AMC_HOME}/nginx/${PROJECT}_http.nginx" "${AMC_HOME}/nginx/${PROJECT}.nginx"
ln -sf "${AMC_HOME}/nginx/${PROJECT}.nginx" "/etc/nginx/sites-enabled/${PROJECT}.nginx"
# TODO: Generate cer, key, pem from core python module
[ -f "${NGINX_DHPARAM_PATH}" ] || openssl dhparam -out "${NGINX_DHPARAM_PATH}" 2048 &>/dev/null
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout "${CORE_PRIV_KEY_PATH}" \
-out "${CORE_CERT_PATH}" \
-subj "${NGINX_CERT_SUBJ}" &>/dev/null
cp -f "${CORE_CERT_PATH}" "${NGINX_CERT_PATH}"
cp -f "${CORE_PRIV_KEY_PATH}" "${NGINX_PRIV_KEY_PATH}"
# Dirs
chown -R "${PROJECT_CHOWNER}" "${AMC_HOME}"
chown -R "${PROJECT_CHOWNER}" "${AMC_ETC}"
chown -R "${PROJECT_CHOWNER}" "${AMC_WWW}"
chown -R "${PROJECT_CHOWNER}" "${NGINX_SSL_PATH}"
if [ -f /lib/systemd/system/vector.service ] || [ -f /usr/lib/systemd/system/vector.service ]
then
#stop default vector.service
systemctl stop vector.service
#disable default vector.service
systemctl disable vector.service
#remove default vector.service files
rm -f /lib/systemd/system/vector.service /usr/lib/systemd/system/vector.service
fi
# Services
systemctl daemon-reload
# shellcheck disable=SC2086
systemctl enable ${SYSCTL_ALL_SERVICES}
# shellcheck disable=SC2086
systemctl restart ${SYSCTL_ALL_SERVICES} || true
;;
abort-upgrade | abort-deconfigure) ;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
exit 0
Reference in a new issue View git blame Copy permalink