# use a list of classes for our demo machine
case $HOSTNAME in
faiserver*)
- echo "FAIBASE FAISEVER SYSADMIN VM"
+ echo "FAIBASE FAISERVER SYSADMIN VM"
+ ;;
+ nekohost)
+ echo "FAIBASE $GRUB DHCPC DEMO"
;;
- demohost)
- echo "FAIBASE $GRUB DHCPC DEMO" ;;
rms)
- echo "FAIBASE $GRUB DHCPC DEMO XORG TRISQUEL RMS";;
- gnomehost)
- echo "FAIBASE $GRUB DHCPC DEMO XORG GNOME";;
- atom*)
- echo "FAIBASE $GRUB DHCPC DEMO" ;;
- bear)
- echo "FAIBASE $GRUB DHCPC LVM_XEN_SERVER XEN" ;;
- puma)
- echo "FAIBASE $GRUB DHCPC RAID_XEN_VIRTUAL" ;;
+ echo "FAIBASE $GRUB DHCPC DEMO XORG TRISQUEL RMS"
+ ;;
diskstation*)
echo "FAIBASE DISKLESS DISKTOOLS SYSADMIN FSF"
;;
freestation*)
echo "FAIBASE DISKLESS XORG TRISQUEL WORKSTATION FSF"
;;
+ zoneminder*)
+ echo "FAIBASE SYSADMIN FSF ZONEMINDER MYSQLD"
+ ;;
freetop-x60*)
echo "FAIBASE $GRUB NW_MGR XORG TRISQUEL WORKSTATION FSF"
;;
echo "FAIBASE KVMGUEST SYSADMIN MYSQLD"
;;
streamstation*)
- echo "FAIBASE $GRUB SYSADMIN STREAM LIBREPLANET"
+ echo "FAIBASE $GRUB SYSADMIN STREAM XORG TRISQUEL LPCONF"
;;
freetop*)
- echo "FAIBASE $GRUB NW_MGR SYSADMIN XORG TRISQUEL WORKSTATION LIBREPLANET"
+ echo "FAIBASE $GRUB NW_MGR SYSADMIN XORG TRISQUEL WORKSTATION LPCONF 3DPRINT"
;;
mwikiserver*)
echo "FAIBASE MEDIAWIKI SYSADMIN VM"
echo "FAIBASE WWW CIVICRM SYSADMIN VM MYSQLD"
;;
gnusocial*)
- echo "FAIBASE WWW SYSADMIN VM MYSQLD"
+ echo "FAIBASE WWW SYSADMIN VM MYSQLD GNUSOCIAL YOURLS"
;;
nagios*)
echo "FAIBASE SYSADMIN VM MYSQLD NAGIOS WWW"
irc*)
echo "FAIBASE SYSADMIN KOSA SYSADMIN VM WWW LETSENCRYPT IRC"
;;
+ glamp*)
+ echo "FAIBASE MYSQLD PHP5 SYSADMIN WWW"
+ ;;
+ gmg*libreplanet.org)
+ echo "FAIBASE VM PSQL GMG SYSADMIN LETSENCRYPT LIBREPLANET"
+ ;;
+ gmg*)
+ echo "FAIBASE VM PSQL GMG SYSADMIN LETSENCRYPT"
+ ;;
*)
echo "FAIBASE"
;;
--- /dev/null
+GMG_PATH=/srv/gmg
+GMG_SENDER=noreply@libreplanet.org
+GMG_LOGPATH=/var/log/mediagoblin
--- /dev/null
+LETSENCRYPT_PATH=/srv/
+LETSENCRYPT_EMAIL=sysadmin@fsf.org
--- /dev/null
+DOMAIN=libreplanet.org
--- /dev/null
+SERVERNAME=media-dev.libreplanet.org
--- /dev/null
+SERVERNAME=media.libreplanet.org
\ No newline at end of file
--- /dev/null
+default=0
+timeout=0
+
+title VM kernel
+root (hd0,0)
+kernel /vmlinuz root=/dev/xvda2 ro elevator=noop console=hvc0 xencons=tty
+initrd /initrd.img
--- /dev/null
+# File managed by fai.
+# Local changes will be overwritten.
+# Make changes to fai-configs/files/etc/apache2/*
+
+RedirectMatch temp ^/$ /zm
+
--- /dev/null
+#/bin/bash
+echo Installing GMG into GMG_PATH_TOKEN...
+(
+cd GMG_PATH_TOKEN
+if [ ! -d mediagoblin ]; then
+ /etc/init.d/postgresql start
+ # Create the GMG user
+ sudo -H -u postgres psql -c "UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1'"
+ sudo -H -u postgres psql -c "DROP DATABASE template1"
+ sudo -H -u postgres psql -c "CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING='UNICODE' LC_COLLATE='en_US.UTF8' LC_CTYPE='en_US.UTF8'"
+ sudo -H -u postgres psql -c "UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1'"
+ sudo -H -u postgres psql -c "UPDATE pg_database SET datallowconn = FALSE WHERE datname = 'template1'"
+
+ sudo -H -u postgres createuser -A -D mediagoblin
+ # Crea te GMG database
+ sudo -H -u postgres createdb -E UNICODE -O mediagoblin mediagoblin
+
+ sudo -H -u mediagoblin git clone git://git.savannah.gnu.org/mediagoblin.git -b stable
+
+ if [ ! -d mediagoblin-piwik ]; then
+ sudo -H -u mediagoblin git clone https://github.com/ayleph/mediagoblin-piwik
+ cp -r mediagoblin-piwik/piwik mediagoblin/mediagoblin/plugins/
+ fi
+
+ if [ ! -d mediagoblin-libreplanet ]; then
+ sudo -H -u mediagoblin git clone https://vcs.fsf.org/git/mediagoblin-libreplanet.git
+ cp -r mediagoblin-libreplanet/mediagoblin_libreplanet mediagoblin/mediagoblin/plugins/libreplanet
+ fi
+
+ chown -R mediagoblin.www-data mediagoblin/mediagoblin/plugins/
+
+ cd mediagoblin
+ sudo -H -u mediagoblin git submodule init && git submodule update
+
+ sudo -H -u mediagoblin ./bootstrap.sh && sudo -H -u mediagoblin ./configure && sudo -H -u mediagoblin make
+ sudo -H -u mediagoblin mkdir user_dev && sudo -H -u mediagoblin chmod 750 user_dev
+ #sudo -H -u mediagoblin ./bin/easy_install flup
+ # https://issues.mediagoblin.org/ticket/5373
+ sudo -H -u mediagoblin ./bin/easy_install flup==1.0.3.dev-20110405
+
+ sudo -H -u mediagoblin cp /etc/mediagoblin-templates/mediagoblin.ini mediagoblin_local.ini
+ sudo -H -u mediagoblin cp /etc/mediagoblin-templates/paste.ini paste_local.ini
+
+ sudo -H -u mediagoblin ./bin/gmg dbupdate
+
+ update-rc.d mediagoblin-paster defaults
+ update-rc.d mediagoblin-celery-worker defaults
+ /etc/init.d/mediagoblin-paster start
+ /etc/init.d/mediagoblin-celery-worker start
+fi
+) &>> /var/log/fai/install-mediagoblin.log
+echo Install Completed, started mediagoblin-paster and mediagoblin-celery-worker
--- /dev/null
+#!/bin/bash
+# /etc/init.d/mediagoblin-celery-worker
+#
+## LICENSE: CC0 <http://creativecommons.org/publicdomain/zero/1.0/>
+# To the extent possible under law, Joar Wandborg <http://wandborg.se> has
+# waived all copyright and related or neighboring rights to
+# mediagoblin-celery-worker. This work is published from Sweden.
+#
+## CREDIT
+# Credit goes to jpope <http://jpope.org/> and
+# chimo <http://chimo.chromic.org/>. From which' Arch init scripts this is
+# based upon.
+#
+### BEGIN INIT INFO
+# Provides: mediagoblin-celery-worker
+# Required-Start: $network $named $local_fs
+# Required-Stop: $remote_fs $syslog $network $named $local_fs
+# Should-Start: postgres $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: MediaGoblin Celery task processor init script
+# Description: This script will initiate the GNU MediaGoblin Celery
+# task processor
+### END INIT INFO
+
+################################################################################
+# CHANGE THIS
+# to suit your environment
+################################################################################
+MG_ROOT=GMG_PATH_TOKEN/mediagoblin
+MG_USER=mediagoblin
+################################################################################
+# NOW STOP
+# You probably won't have to change anything else.
+################################################################################
+
+set -e
+
+DAEMON_NAME=mediagoblin-celery-worker
+
+MG_BIN=$MG_ROOT/bin
+MG_CELERYD_BIN=$MG_BIN/celery\ worker
+MG_CONFIG=$MG_ROOT/mediagoblin_local.ini
+MG_CELERY_CONFIG_MODULE=mediagoblin.init.celery.from_celery
+MG_CELERYD_PID_FILE=/var/run/mediagoblin/$DAEMON_NAME.pid
+MG_CELERYD_LOG_FILE=/var/log/mediagoblin/$DAEMON_NAME.log
+
+set_up_directories() {
+ install -o $MG_USER -g users -d -m 755 /var/log/mediagoblin
+ install -o $MG_USER -g users -d -m 755 /var/run/mediagoblin
+}
+
+set_up_directories
+
+# Include LSB helper functions
+. /lib/lsb/init-functions
+
+wait_for_death() {
+ pid=$1
+ seconds=1
+
+ if [ -z "$2" ]; then
+ kill_at=20
+ else
+ kill_at=$2
+ fi
+
+ if [ -z "$pid" ]; then
+ log_action_msg "Could not get PID. Aborting"
+ log_end_msg 1
+ exit 1
+ fi
+
+ while ps ax | grep -v grep | grep $pid > /dev/null; do
+ sleep 1
+ seconds=$(expr $seconds + 1)
+ if [ $seconds -ge $kill_at ]; then
+ log_action_msg "Failed to shut down after $kill_at seconds. Aborting"
+ log_end_msg 1
+ exit 1
+ fi
+ done
+ log_end_msg 0
+}
+
+wait_for_pidfile() {
+ pidfile=$1
+ kill_at=20
+ seconds=1
+
+ while ! [[ -f $pidfile ]]; do
+ sleep 1
+ seconds=$(expr $seconds + 1)
+
+ if [ $seconds -ge $kill_at ]; then
+ log_action_msg "Can't find the PID file," \
+ " the application must have crashed."
+ log_end_msg 1
+ exit 1
+ fi
+ done
+}
+
+getPID() {
+ # Discard any errors from cat
+ cat $MG_CELERYD_PID_FILE 2>/dev/null
+}
+
+case "$1" in
+ start)
+ # Start the MediaGoblin celery worker process
+ log_daemon_msg "Starting GNU MediaGoblin Celery task queue" "$DAEMON_NAME"
+ if [ -z "$(getPID)" ]; then
+ # TODO: Could we send things to log a little bit more beautiful?
+ su -s /bin/sh -c "cd $MG_ROOT && \
+ MEDIAGOBLIN_CONFIG=$MG_CONFIG \
+ CELERY_CONFIG_MODULE=$MG_CELERY_CONFIG_MODULE \
+ $MG_CELERYD_BIN \
+ --pidfile=$MG_CELERYD_PID_FILE \
+ -f $MG_CELERYD_LOG_FILE 2>&1 >> $MG_CELERYD_PID_FILE" \
+ - $MG_USER 2>&1 >> $MG_CELERYD_LOG_FILE &
+
+ CELERYD_RESULT=$?
+
+ wait_for_pidfile $MG_CELERYD_PID_FILE
+
+ log_end_msg $CELERYD_RESULT
+ else
+ # Failed because the PID file indicates it's running
+ log_action_msg "PID file $MG_CELERYD_PID_FILE already exists"
+ log_end_msg 1
+ fi
+ ;;
+ stop)
+ log_daemon_msg "Stopping GNU MediaGoblin Celery task queue" "$DAEMON_NAME"
+ if [ -z "$(getPID)" ]; then
+ # Failed because the PID file indicates it's not running
+ log_action_msg "Could not get PID"
+ log_end_msg 1
+ exit 1
+ else
+ kill $(getPID)
+
+ wait_for_death $(getPID)
+ fi
+ ;;
+ restart)
+ $0 stop
+ $0 start
+ ;;
+ status)
+ if ! [ -z "$(getPID)" ]; then
+ echo "$DAEMON_NAME start/running, process $(getPID)"
+ else
+ echo "$DAEMON_NAME stopped."
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {restart|start|stop|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
\ No newline at end of file
--- /dev/null
+#!/bin/sh
+# /etc/init.d/mediagoblin-paster
+#
+## LICENSE: CC0 <http://creativecommons.org/publicdomain/zero/1.0/>
+# To the extent possible under law, Joar Wandborg <http://wandborg.se> has
+# waived all copyright and related or neighboring rights to
+# mediagoblin-paster. This work is published from Sweden.
+#
+## CREDIT
+# Credit goes to jpope <http://jpope.org/> and
+# chimo <http://chimo.chromic.org/>. From which' Arch init scripts this is
+# based upon.
+#
+### BEGIN INIT INFO
+# Provides: mediagoblin-paster
+# Required-Start: $network $named $local_fs
+# Required-Stop: $remote_fs $syslog $network $named $local_fs
+# Should-Start: postgresql $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: MediaGoblin paster FCGI server init script
+# Description: This script will initiate the GNU MediaGoblin paster
+# fcgi server.
+### END INIT INFO
+
+################################################################################
+# CHANGE THIS
+# to suit your environment
+################################################################################
+MG_ROOT=GMG_PATH_TOKEN/mediagoblin
+MG_USER=mediagoblin
+################################################################################
+# NOW STOP
+# You probably won't have to change anything else.
+################################################################################
+
+set -e
+
+DAEMON_NAME=mediagoblin-paster
+
+MG_BIN=$MG_ROOT/bin
+MG_PASTER_BIN=$MG_BIN/paster
+MG_PASTE_INI=$MG_ROOT/paste_local.ini
+MG_FCGI_HOST=127.0.0.1
+MG_FCGI_PORT=26543
+MG_PASTER_PID_FILE=/var/run/mediagoblin/$DAEMON_NAME.pid
+MG_PASTER_LOG_FILE=/var/log/mediagoblin/$DAEMON_NAME.log
+
+set_up_directories() {
+ install -o $MG_USER -g users -d -m 755 /var/log/mediagoblin
+ install -o $MG_USER -g users -d -m 755 /var/run/mediagoblin
+}
+
+set_up_directories
+
+# Include LSB helper functions
+. /lib/lsb/init-functions
+
+getPID () {
+ # Discard any errors from cat
+ cat $MG_PASTER_PID_FILE 2>/dev/null
+}
+
+case "$1" in
+ start)
+ # Start the MediaGoblin paster process
+ log_daemon_msg "Starting GNU MediaGoblin paster fcgi server" "$DAEMON_NAME"
+ if [ ! -f $MG_PASTE_INI ]; then
+ MG_PASTE_INI=$MG_ROOT/paste.ini
+ fi
+ if [ -z "$(getPID)" ]; then
+ su -s /bin/sh -c "CELERY_ALWAYS_EAGER=False $MG_PASTER_BIN serve \
+ $MG_PASTE_INI \
+ --server-name=fcgi \
+ fcgi_host=$MG_FCGI_HOST fcgi_port=$MG_FCGI_PORT \
+ --pid-file=$MG_PASTER_PID_FILE \
+ --log-file=$MG_PASTER_LOG_FILE \
+ --daemon" - $MG_USER 2>&1 > /dev/null
+
+ PASTER_RESULT=$?
+
+ # Sleep for a while until we're kind of certain that paster has
+ # had it's time to initialize
+ TRIES=0
+ while ! [ "X$PASTER_RESULT" != "X" ]; do
+ log_action_msg "Tried $TRIES time(s)"
+ sleep 0.1
+ TRIES=$((TRIES+1))
+ done
+
+ log_end_msg $PASTER_RESULT
+ else
+ # Failed because the PID file indicates it's running
+ log_action_msg "PID file $MG_PASTER_BIN already exists"
+ log_end_msg 1
+ fi
+ ;;
+ stop)
+ log_daemon_msg "Stopping GNU MediaGoblin paster fcgi server" "$DAEMON_NAME"
+ if [ -z "$(getPID)" ]; then
+ # Failed because the PID file indicates it's not running
+ RET=1
+ else
+ kill $(getPID)
+
+ if [ $? -gt 0 ]; then
+ RET=1
+ else
+ RET=0
+ fi
+ fi
+ log_end_msg $RET
+ ;;
+ restart)
+ $0 stop
+ $0 start
+ ;;
+ status)
+ if ! [ -z "$(getPID)" ]; then
+ echo "$DAEMON_NAME start/running, process $(getPID)"
+ else
+ echo "$DAEMON_NAME stopped."
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {restart|start|stop|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+if [ ! -d /etc/letsencrypt/archive/HOSTNAME_TOKEN ]; then
+
+ # Nasty hack for getting port 443/80 if needed
+ /etc/init.d/nginx stop &> /dev/null
+ /etc/init.d/apache2 stop &> /dev/null
+
+ # Lets get us some SSL
+ cd /srv/letsencrypt
+ ./letsencrypt-auto certonly --standalone --agree-tos --email LETSENCRYPT_EMAIL_TOKEN -d HOSTNAME_TOKEN -d SERVERNAME_TOKEN
+
+ # Nasty hack for putting thoes services back online, okay :)
+ /etc/init.d/nginx start &> /dev/null
+ /etc/init.d/apache2 start &> /dev/null
+fi
+
--- /dev/null
+# If you want to make changes to this file, first copy it to
+# mediagoblin_local.ini, then make the changes there.
+#
+# If you don't see what you need here, have a look at mediagoblin/config_spec.ini
+# It defines types and defaults so it's a good place to look for documentation
+# or to find hidden options that we didn't tell you about. :)
+
+# To change the directory you should make sure you change the
+# directory in paste.ini and/or your webserver configuration.
+#
+# [DEFAULT]
+data_basedir = "GMG_PATH_TOKEN"
+
+[mediagoblin]
+direct_remote_path = /mgoblin_static/
+email_sender_address = "GMG_SENDER_TOKEN"
+
+## Uncomment and change to your DB's appropiate setting.
+## Default is a local sqlite db "mediagoblin.db".
+## Don't forget to run `./bin/gmg dbupdate` after having changed it.
+sql_engine = postgresql:///mediagoblin
+
+# Set to false to enable sending notices
+email_debug_mode = false
+
+# Set to false to disable registrations
+allow_registration = false
+
+# Set to false to disable the ability for users to report offensive content
+allow_reporting = false
+
+## Uncomment this to put some user-overriding templates here
+local_templates = %(data_basedir)s/templates/
+
+## You can set your theme by specifying this (not specifying it will
+## use the default theme). Run `gmg assetlink` to apply the change.
+## The airy and sandyseventiesspeedboat theme comes with GMG; please
+## see the theming docs on how to install other themes.
+# theme = airy
+
+## If you want the terms of service displayed, you can uncomment this
+# show_tos = true
+
+user_privilege_scheme = "uploader,commenter,reporter"
+[storage:queuestore]
+base_dir = %(data_basedir)s/media/queue
+
+[storage:publicstore]
+base_dir = %(data_basedir)s/media/public
+base_url = /mgoblin_media/
+
+[celery]
+# Put celery stuff here
+
+# Place plugins here, each in their own subsection of [plugins].
+# See http://docs.mediagoblin.org/siteadmin/plugins.html for details.
+[plugins]
+[[mediagoblin.plugins.geolocation]]
+[[mediagoblin.plugins.basic_auth]]
+[[mediagoblin.media_types.image]]
+[[mediagoblin.media_types.video]]
+auto_play = False
+[[[skip_transcode]]]
+audio_codecs = Vorbis,
+container_formats = Matroska, Ogg
+mime_types = video/webm, application/ogg
+dimensions_match = False
+video_codecs = VP8 video, Theora
+[[mediagoblin.media_types.pdf]]
+[[mediagoblin.plugins.libreplanet]]
+[[mediagoblin.plugins.piwik]]
+PIWIK_DOMAIN = '*.media.libreplanet.org'
+PIWIK_LOCATION = 'piwik.fsf.org'
+PIWIK_SITEID = 11
--- /dev/null
+# If you want to make changes to this file, first copy it to
+# paste_local.ini, then make the changes there.
+
+[DEFAULT]
+# Set to true to enable web-based debugging messages and etc.
+debug = false
+
+[pipeline:main]
+pipeline = errors mediagoblin
+
+[app:mediagoblin]
+use = egg:mediagoblin#app
+config = %(here)s/mediagoblin_local.ini %(here)s/mediagoblin.ini
+# static paths
+/mgoblin_media = %(here)s/user_dev/media/public
+/mgoblin_static = %(here)s/mediagoblin/static
+/theme_static = %(here)s/user_dev/theme_static
+/plugin_static = %(here)s/user_dev/plugin_static
+
+[loggers]
+keys = root
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = INFO
+handlers = console
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(asctime)s %(levelname)-7.7s [%(name)s] %(message)s
+
+[filter:errors]
+use = egg:mediagoblin#errors
+debug = false
+
+
+##############################
+# Server configuration options
+##############################
+
+# The server that is run by default.
+# By default, should only be accessable locally
+[server:main]
+use = egg:mediagoblin#paste_server_selector
+host = 127.0.0.1
+port = 6543
+# Gunicorn settings. See http://docs.gunicorn.org/en/19.0/settings.html
+# for more information about configuring Gunicorn
+proc_name = gmg
+reload = true
+accesslog = -
+
+#######################
+# Helper server configs
+# ---------------------
+# If you are configuring the paste config manually, you can remove
+# these.
+
+# Use this if you want to run on port 6543 and have MediaGoblin be
+# viewable externally
+[server:broadcast]
+use = egg:Paste#http
+host = 0.0.0.0
+port = 6543
+
+# Use this if you want to connect via fastcgi
+[server:fcgi]
+use = egg:flup#fcgi_fork
+host = %(fcgi_host)s
+port = %(fcgi_port)s
+
+[server:http]
+use = egg:Paste#http
+host = %(http_host)s
+port = %(http_port)s
--- /dev/null
+ #################################################
+ # Stock useful config options, but ignore them :)
+ #################################################
+ include /etc/nginx/mime.types;
+
+ autoindex off;
+ default_type application/octet-stream;
+ sendfile on;
+
+ # Gzip
+ gzip on;
+ gzip_min_length 1024;
+ gzip_buffers 4 32k;
+ gzip_types text/plain application/x-javascript text/javascript text/xml text/css;
+
+ #####################################
+ # Mounting MediaGoblin stuff
+ # This is the section you should read
+ #####################################
+
+ # Change this to update the upload size limit for your users
+ client_max_body_size 4g;
+
+ # prevent attacks (someone uploading a .txt file that the browser
+ # interprets as an HTML file, etc.)
+ add_header X-Content-Type-Options nosniff;
+
+ # MediaGoblin's stock static files: CSS, JS, etc.
+ location /mgoblin_static/ {
+ alias GMG_PATH_TOKEN/mediagoblin/mediagoblin/static/;
+ }
+
+ # Instance specific media:
+ location /mgoblin_media/ {
+ alias GMG_PATH_TOKEN/mediagoblin/user_dev/media/public/;
+ }
+
+ # Theme static files (usually symlinked in)
+ location /theme_static/ {
+ alias GMG_PATH_TOKEN/mediagoblin/user_dev/theme_static/;
+ }
+
+ # Plugin static files (usually symlinked in)
+ location /plugin_static/ {
+ alias GMG_PATH_TOKEN/mediagoblin/user_dev/plugin_static/;
+ }
+
+ # Mounting MediaGoblin itself via FastCGI.
+ location / {
+ fastcgi_pass 127.0.0.1:26543;
+ include /etc/nginx/fastcgi_params;
+
+ # our understanding vs nginx's handling of script_name vs
+ # path_info don't match :)
+ fastcgi_param PATH_INFO $fastcgi_script_name;
+ fastcgi_param SCRIPT_NAME "";
+ }
--- /dev/null
+server {
+ listen 80;
+ server_name SERVERNAME_TOKEN;
+
+ include /etc/nginx/mediagoblin-common.conf;
+
+ ## redirect http to https ##
+ rewrite ^ https://$server_name$request_uri? permanent;
+
+ access_log /var/log/nginx/SERVERNAME_TOKEN-ssl.access.log;
+ error_log /var/log/nginx/SERVERNAME_TOKEN-ssl.error.log;
+}
+
+server {
+ listen 443;
+
+ include /etc/nginx/mediagoblin-common.conf;
+
+ access_log /var/log/nginx/SERVERNAME_TOKEN-ssl.access.log;
+ error_log /var/log/nginx/SERVERNAME_TOKEN-ssl.error.log;
+
+ ssl on;
+
+ ## Use a SSL/TLS cache for SSL session resume.
+ ssl_session_cache shared:SSL:10m;
+ ssl_session_timeout 10m;
+
+ ssl_certificate /etc/letsencrypt/live/GMG_FQDN_TOKEN/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/GMG_FQDN_TOKEN/privkey.pem;
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_prefer_server_ciphers on;
+ ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+}
\ No newline at end of file
--- /dev/null
+PACKAGES aptitude
+
+python-serial
+python-wxgtk2.8
+python-pyglet
+python-numpy
+cython
+python-libxml2
+python-gobject
+python-dbus
+python-psutil
+git
+
debconf-utils
file
hdparm
-jove
+emacs24-nox
less
linuxlogo
nfs-common
rdiff-backup
kpartx
language-pack-en-base
+mutt
+tree
+iputils-tracepath
+elinks
+iptables
+fail2ban
--- /dev/null
+PACKAGES aptitude GMG
+git-core
+python
+python-dev
+python-lxml
+python-imaging
+python-virtualenv
+python-bcrypt
+python-gi
+python-gst0.10
+npm
+nodejs-legacy
+automake
+nginx
+gstreamer1.0-tools
+gir1.2-gstreamer-1.0
+gir1.2-gst-plugins-base-1.0
--- /dev/null
+PACKAGES aptitude GNUSOCIAL
+apache2
+mysql-server
+php5
+php5-mysql
+libapache2-mod-php5
+php-apc
+php5-intl
+vsftpd
+php5-cli
+php5-gd
+wget
+unzip
+curl
+mysql-server
+php5-cgi
+php5-curl
+php5-gd
+git
+ca-certificates
+openssl
--- /dev/null
+PACKAGES aptitude LETSENCRYPT
+git-core
+augeas-lenses
+binutils
+cpp
+cpp-4.8
+dialog
+gcc
+gcc-4.8
+libasan0
+libatomic1
+libaugeas0
+libcloog-isl4
+libffi-dev
+libgcc-4.8-dev
+libgomp1
+libisl10
+libitm1
+libmpc3
+libmpfr4
+libquadmath0
+libtsan0
--- /dev/null
+PACKAGES aptitude MARIADB
+mariadb-server
\ No newline at end of file
--- /dev/null
+PACKAGES aptitude PHP5
+php5
+php5-mysql
\ No newline at end of file
--- /dev/null
+PACKAGES aptitude PSQL
+postgresql
+postgresql-client
+python-psycopg2
PACKAGES aptitude VM
-grub-pc-
-linux-image-
-linux-image-generic-
+linux-image-generic
screen
tmux
mosh
+file-roller
--- /dev/null
+PACKAGES aptitude
+zoneminder
+zoneminder-doc
--- /dev/null
+#!/bin/bash
+
+# Create mediagoblin user & group
+if ! $ROOTCMD getent passwd mediagoblin ; then
+ $ROOTCMD useradd -c "GNU MediaGoblin system account" -d /var/lib/mediagoblin -m -r -g www-data mediagoblin
+ $ROOTCMD groupadd mediagoblin && $ROOTCMD usermod --append -G mediagoblin mediagoblin
+fi
--- /dev/null
+#!/bin/bash
+
+if [ ! -d $GMG_PATH ]; then
+ $ROOTCMD mkdir -p $GMG_PATH && $ROOTCMD chown -hR mediagoblin:www-data $GMG_PATH
+fi
+if [ ! -d $GMG_LOGPATH ]; then
+ $ROOTCMD mkdir -p $GMG_LOGPATH && $ROOTCMD chown -hR mediagoblin:mediagoblin $GMG_LOGPATH
+fi
+
--- /dev/null
+#!/bin/bash
+
+# Copy configs
+fcopy -Bv /etc/init.d/install-mediagoblin
+fcopy -Bv /etc/init.d/mediagoblin-paster
+fcopy -Bv /etc/init.d/mediagoblin-celery-worker
+fcopy -Bv /etc/mediagoblin-templates/mediagoblin.ini
+fcopy -Bv /etc/mediagoblin-templates/paste.ini
+fcopy -Bv /etc/nginx/sites-available/mediagoblin
+fcopy -Bv /etc/nginx/mediagoblin-common.conf
+
+# Add installer to boot
+$ROOTCMD update-rc.d install-mediagoblin defaults
+fqdn=$HOSTNAME
+
+# Replace Tokens
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/init.d/install-mediagoblin
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/init.d/mediagoblin-celery-worker
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/init.d/mediagoblin-paster
+
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/mediagoblin-templates/mediagoblin.ini
+sed 's^GMG_SENDER_TOKEN^'$GMG_SENDER'^g' -i $target/etc/mediagoblin-templates/mediagoblin.ini
+
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/nginx/mediagoblin-common.conf
+
+sed 's^GMG_FQDN_TOKEN^'$fqdn'^g' -i $target/etc/nginx/sites-available/mediagoblin
+sed 's^SERVERNAME_TOKEN^'$SERVERNAME'^g' -i $target/etc/nginx/sites-available/mediagoblin
+
+# enable nginx config
+$ROOTCMD ln -s /etc/nginx/sites-available/mediagoblin /etc/nginx/sites-enabled/mediagoblin
+
+if [ ! -f $target//etc/nginx/sites-enabled/default ]; then
+ $ROOTCMD rm /etc/nginx/sites-enabled/default
+fi
--- /dev/null
+#! /bin/bash
+
+# Download gnusocial directly from their download source, as it is the recommended route and there is no repo
+if ! $ROOTCMD getent passwd gnusocial ; then
+ $ROOTCMD adduser --system --ingroup www-data --disabled-password --gecos "gnusocial user" gnusocial
+fi
+
+if ! $ROOTCMD test -e /home/gnusocial/.ssh/id_rsa; then
+ $ROOTCMD echo | $ROOTCMD sudo -u gnusocial ssh-keygen -N ''
+fi
+
+if ! $ROOTCMD echo | cd /home/gnusocial/
+ mkdir /var/www/statusnet/
+ git clone https://git.gnu.io/gnu/gnu-social.git /home/gnusocial/gnu-social; then
+ rm -rf /home/gnusocial/gnu-social/.git
+ mv /home/gnusocial/gnu-social/* /var/www/statusnet/
+fi
--- /dev/null
+#!/bin/bash
+
+if [ ! -d $LETSENCRYPT_PATH/letsencrypt ]; then
+ cd $target/$LETSENCRYPT_PATH
+ git clone https://github.com/letsencrypt/letsencrypt
+fi
+fcopy -Bv /etc/init.d/request-letsencrypt
+
+$ROOTCMD sed 's^LETSENCRYPT_EMAIL_TOKEN^'$LETSENCRYPT_EMAIL'^g' -i /etc/init.d/request-letsencrypt
+$ROOTCMD sed 's^SERVERNAME_TOKEN^'$SERVERNAME'^g' -i /etc/init.d/request-letsencrypt
+$ROOTCMD sed 's^HOSTNAME_TOKEN^'$HOSTNAME'^g' -i /etc/init.d/request-letsencrypt
+
+
+$ROOTCMD update-rc.d request-letsencrypt defaults
--- /dev/null
+#!/bin/bash
+
+fcopy -vB /boot/grub/menu.lst
--- /dev/null
+#! /bin/bash
+
+YOURLS_VERS='1.7.1'
+
+# Download yourls and install; we're going to be doing this under the gnusocial user.
+if ! $ROOTCMD getent passwd gnusocial ; then
+ $ROOTCMD adduser --system --ingroup www-data --disabled-password --gecos "gnusocial user" gnusocial
+fi
+
+if ! $ROOTCMD test -e /home/gnusocial/.ssh/id_rsa; then
+ $ROOTCMD echo | $ROOTCMD sudo -u gnusocial ssh-keygen -N ''
+fi
+
+if ! $ROOTCMD echo | cd /home/gnusocial/
+ mkdir /var/www/yourls
+ curl https://codeload.github.com/YOURLS/YOURLS/tar.gz/$YOURLS_VERS -o /home/gnusocial/yourls.tar.gz; then
+ tar xf /home/gnusocial/yourls.tar.gz -C /home/gnusocial/
+ mv /home/gnusocial/YOURLS-$YOURLS_VERS/* /var/www/yourls/
+fi
--- /dev/null
+#! /bin/sh
+
+# create/link apache configs
+ln -sf $target/etc/zm/apache.conf $target/etc/apache2/conf-available/zoneminder.conf
+fcopy -v /etc/apache2/conf-available/redirect-to-zm.conf
+
+# enable apache configs
+ln -sf $target/etc/apache2/conf-available/zoneminder.conf $target/etc/apache2/conf-enabled/
+ln -sf $target/etc/apache2/conf-available/redirect-to-zm.conf $target/etc/apache2/conf-enabled/
+