merged
authorLisa Marie Maginnis <lisam@fsf.org>
Tue, 8 Mar 2016 15:15:00 +0000 (10:15 -0500)
committerLisa Marie Maginnis <lisam@fsf.org>
Tue, 8 Mar 2016 15:15:00 +0000 (10:15 -0500)
36 files changed:
class/50-host-classes
class/GMG.var [new file with mode: 0644]
class/LETSENCRYPT.var [new file with mode: 0644]
class/LIBREPLANET.var [new file with mode: 0644]
class/gmg0d.libreplanet.org.var [new file with mode: 0644]
class/gmg0p.libreplanet.org.var [new file with mode: 0644]
files/boot/grub/menu.lst/VM [new file with mode: 0644]
files/etc/apache2/conf-available/redirect-to-zm.conf/ZONEMINDER [new file with mode: 0644]
files/etc/init.d/install-mediagoblin/DEFAULT [new file with mode: 0755]
files/etc/init.d/mediagoblin-celery-worker/DEFAULT [new file with mode: 0755]
files/etc/init.d/mediagoblin-paster/DEFAULT [new file with mode: 0755]
files/etc/init.d/request-letsencrypt/DEFAULT [new file with mode: 0755]
files/etc/mediagoblin-templates/mediagoblin.ini/DEFAULT [new file with mode: 0644]
files/etc/mediagoblin-templates/paste.ini/DEFAULT [new file with mode: 0644]
files/etc/nginx/mediagoblin-common.conf/DEFAULT [new file with mode: 0644]
files/etc/nginx/sites-available/mediagoblin/DEFAULT [new file with mode: 0644]
package_config/3DPRINT [new file with mode: 0644]
package_config/FAIBASE
package_config/GMG [new file with mode: 0644]
package_config/GNUSOCIAL [new file with mode: 0644]
package_config/LETSENCRYPT [new file with mode: 0644]
package_config/MARIADB [new file with mode: 0644]
package_config/PHP5 [new file with mode: 0644]
package_config/PSQL [new file with mode: 0644]
package_config/VM
package_config/WORKSTATION
package_config/ZONEMINDER [new file with mode: 0644]
scripts/GMG/05_create_local_user.sh [new file with mode: 0755]
scripts/GMG/10_create_dir.sh [new file with mode: 0755]
scripts/GMG/15_install_gmg.sh [new file with mode: 0755]
scripts/GNUSOCIAL/10_download_gnusocial.sh [new file with mode: 0755]
scripts/LETSENCRYPT/00_fetch.sh [new file with mode: 0755]
scripts/LPCON/00_adduser.sh [moved from scripts/LIBREPLANET/00_adduser.sh with 100% similarity]
scripts/VM/00_setup_pygrub.sh [new file with mode: 0755]
scripts/YOURLS/10_download_yourls.sh [new file with mode: 0755]
scripts/ZONEMINDER/10-apache-enable-zm.sh [new file with mode: 0755]

index de3b473..cca84ce 100755 (executable)
@@ -9,20 +9,14 @@ fi
 # use a list of classes for our demo machine                                                                                                   
 case $HOSTNAME in
     faiserver*)
-       echo "FAIBASE FAISEVER SYSADMIN VM"
+       echo "FAIBASE FAISERVER SYSADMIN VM"
+        ;;
+    nekohost)
+        echo "FAIBASE $GRUB DHCPC DEMO"
         ;;
-    demohost)
-        echo "FAIBASE $GRUB DHCPC DEMO" ;;
     rms)
-        echo "FAIBASE $GRUB DHCPC DEMO XORG TRISQUEL RMS";;
-    gnomehost)
-        echo "FAIBASE $GRUB DHCPC DEMO XORG GNOME";;
-    atom*)
-        echo "FAIBASE $GRUB DHCPC DEMO" ;;
-    bear)
-        echo "FAIBASE $GRUB DHCPC LVM_XEN_SERVER XEN" ;;
-    puma)
-        echo "FAIBASE $GRUB DHCPC RAID_XEN_VIRTUAL" ;;
+        echo "FAIBASE $GRUB DHCPC DEMO XORG TRISQUEL RMS"
+       ;;
     diskstation*)
        echo "FAIBASE DISKLESS DISKTOOLS SYSADMIN FSF"
         ;;
@@ -35,6 +29,9 @@ case $HOSTNAME in
     freestation*)
         echo "FAIBASE DISKLESS XORG TRISQUEL WORKSTATION FSF"
         ;;
+    zoneminder*)
+       echo "FAIBASE SYSADMIN FSF ZONEMINDER MYSQLD"
+        ;;
     freetop-x60*)
        echo "FAIBASE $GRUB NW_MGR XORG TRISQUEL WORKSTATION FSF"
        ;;
@@ -48,10 +45,10 @@ case $HOSTNAME in
         echo "FAIBASE KVMGUEST SYSADMIN MYSQLD"
         ;;
     streamstation*)
-        echo "FAIBASE $GRUB SYSADMIN STREAM LIBREPLANET"
+        echo "FAIBASE $GRUB SYSADMIN STREAM XORG TRISQUEL LPCONF"
         ;;
     freetop*)
-        echo "FAIBASE $GRUB NW_MGR SYSADMIN XORG TRISQUEL WORKSTATION LIBREPLANET"
+        echo "FAIBASE $GRUB NW_MGR SYSADMIN XORG TRISQUEL WORKSTATION LPCONF 3DPRINT"
         ;;
     mwikiserver*)
        echo "FAIBASE MEDIAWIKI SYSADMIN VM"
@@ -69,7 +66,7 @@ case $HOSTNAME in
        echo "FAIBASE WWW CIVICRM SYSADMIN VM MYSQLD"
        ;;
     gnusocial*)
-       echo "FAIBASE WWW SYSADMIN VM MYSQLD"
+       echo "FAIBASE WWW SYSADMIN VM MYSQLD GNUSOCIAL YOURLS"
        ;;
     nagios*)
        echo "FAIBASE SYSADMIN VM MYSQLD NAGIOS WWW"
@@ -86,6 +83,15 @@ case $HOSTNAME in
     irc*)
        echo "FAIBASE SYSADMIN KOSA SYSADMIN VM WWW LETSENCRYPT IRC"
        ;;
+    glamp*)
+       echo "FAIBASE MYSQLD PHP5 SYSADMIN WWW"
+       ;;
+    gmg*libreplanet.org)
+       echo "FAIBASE VM PSQL GMG SYSADMIN LETSENCRYPT LIBREPLANET"
+       ;;
+    gmg*)
+       echo "FAIBASE VM PSQL GMG SYSADMIN LETSENCRYPT"
+       ;;
     *)  
         echo "FAIBASE"
        ;;
diff --git a/class/GMG.var b/class/GMG.var
new file mode 100644 (file)
index 0000000..cd323be
--- /dev/null
@@ -0,0 +1,3 @@
+GMG_PATH=/srv/gmg
+GMG_SENDER=noreply@libreplanet.org
+GMG_LOGPATH=/var/log/mediagoblin
diff --git a/class/LETSENCRYPT.var b/class/LETSENCRYPT.var
new file mode 100644 (file)
index 0000000..f03fde1
--- /dev/null
@@ -0,0 +1,2 @@
+LETSENCRYPT_PATH=/srv/
+LETSENCRYPT_EMAIL=sysadmin@fsf.org
diff --git a/class/LIBREPLANET.var b/class/LIBREPLANET.var
new file mode 100644 (file)
index 0000000..3566467
--- /dev/null
@@ -0,0 +1 @@
+DOMAIN=libreplanet.org
diff --git a/class/gmg0d.libreplanet.org.var b/class/gmg0d.libreplanet.org.var
new file mode 100644 (file)
index 0000000..02a2d5b
--- /dev/null
@@ -0,0 +1 @@
+SERVERNAME=media-dev.libreplanet.org
diff --git a/class/gmg0p.libreplanet.org.var b/class/gmg0p.libreplanet.org.var
new file mode 100644 (file)
index 0000000..3cf9846
--- /dev/null
@@ -0,0 +1 @@
+SERVERNAME=media.libreplanet.org
\ No newline at end of file
diff --git a/files/boot/grub/menu.lst/VM b/files/boot/grub/menu.lst/VM
new file mode 100644 (file)
index 0000000..736d236
--- /dev/null
@@ -0,0 +1,7 @@
+default=0
+timeout=0
+
+title  VM kernel
+root   (hd0,0)
+kernel /vmlinuz root=/dev/xvda2 ro elevator=noop console=hvc0 xencons=tty
+initrd /initrd.img
diff --git a/files/etc/apache2/conf-available/redirect-to-zm.conf/ZONEMINDER b/files/etc/apache2/conf-available/redirect-to-zm.conf/ZONEMINDER
new file mode 100644 (file)
index 0000000..e74c03e
--- /dev/null
@@ -0,0 +1,6 @@
+# File managed by fai.
+# Local changes will be overwritten.
+# Make changes to fai-configs/files/etc/apache2/*
+
+RedirectMatch temp ^/$ /zm
+
diff --git a/files/etc/init.d/install-mediagoblin/DEFAULT b/files/etc/init.d/install-mediagoblin/DEFAULT
new file mode 100755 (executable)
index 0000000..6848802
--- /dev/null
@@ -0,0 +1,52 @@
+#/bin/bash
+echo Installing GMG into GMG_PATH_TOKEN...
+(
+cd GMG_PATH_TOKEN
+if [ ! -d mediagoblin ]; then
+   /etc/init.d/postgresql start
+    # Create the GMG user
+    sudo -H -u postgres psql -c "UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1'"
+    sudo -H -u postgres psql -c "DROP DATABASE template1"
+    sudo -H -u postgres psql -c "CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING='UNICODE' LC_COLLATE='en_US.UTF8' LC_CTYPE='en_US.UTF8'"
+    sudo -H -u postgres psql -c "UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1'"
+    sudo -H -u postgres psql -c "UPDATE pg_database SET datallowconn = FALSE WHERE datname = 'template1'"
+
+    sudo -H -u postgres createuser -A -D mediagoblin
+    # Crea te GMG database
+    sudo -H -u postgres createdb -E UNICODE -O mediagoblin mediagoblin
+
+    sudo -H -u mediagoblin git clone git://git.savannah.gnu.org/mediagoblin.git -b stable
+
+    if [ ! -d mediagoblin-piwik ]; then
+       sudo -H -u mediagoblin git clone https://github.com/ayleph/mediagoblin-piwik
+       cp -r mediagoblin-piwik/piwik mediagoblin/mediagoblin/plugins/
+    fi
+
+    if [ ! -d mediagoblin-libreplanet ]; then
+       sudo -H -u mediagoblin git clone https://vcs.fsf.org/git/mediagoblin-libreplanet.git
+       cp -r mediagoblin-libreplanet/mediagoblin_libreplanet mediagoblin/mediagoblin/plugins/libreplanet
+    fi
+
+    chown -R mediagoblin.www-data mediagoblin/mediagoblin/plugins/
+
+    cd mediagoblin
+    sudo -H -u mediagoblin git submodule init && git submodule update
+
+    sudo -H -u mediagoblin ./bootstrap.sh && sudo -H -u mediagoblin ./configure && sudo -H -u mediagoblin make
+    sudo -H -u mediagoblin mkdir user_dev && sudo -H -u mediagoblin chmod 750 user_dev
+    #sudo -H -u mediagoblin ./bin/easy_install flup
+    # https://issues.mediagoblin.org/ticket/5373
+    sudo -H -u mediagoblin ./bin/easy_install flup==1.0.3.dev-20110405
+
+    sudo -H -u mediagoblin cp /etc/mediagoblin-templates/mediagoblin.ini mediagoblin_local.ini
+    sudo -H -u mediagoblin cp /etc/mediagoblin-templates/paste.ini paste_local.ini
+
+    sudo -H -u mediagoblin ./bin/gmg dbupdate
+
+    update-rc.d mediagoblin-paster defaults
+    update-rc.d mediagoblin-celery-worker defaults
+    /etc/init.d/mediagoblin-paster start
+    /etc/init.d/mediagoblin-celery-worker start
+fi
+) &>> /var/log/fai/install-mediagoblin.log
+echo Install Completed, started mediagoblin-paster and mediagoblin-celery-worker
diff --git a/files/etc/init.d/mediagoblin-celery-worker/DEFAULT b/files/etc/init.d/mediagoblin-celery-worker/DEFAULT
new file mode 100755 (executable)
index 0000000..55b9638
--- /dev/null
@@ -0,0 +1,164 @@
+#!/bin/bash
+# /etc/init.d/mediagoblin-celery-worker
+#
+## LICENSE: CC0 <http://creativecommons.org/publicdomain/zero/1.0/>
+# To the extent possible under law, Joar Wandborg <http://wandborg.se> has
+# waived all copyright and related or neighboring rights to
+# mediagoblin-celery-worker. This work is published from Sweden.
+#
+## CREDIT
+# Credit goes to jpope <http://jpope.org/> and 
+# chimo <http://chimo.chromic.org/>. From which' Arch init scripts this is
+# based upon.
+#
+### BEGIN INIT INFO
+# Provides:          mediagoblin-celery-worker
+# Required-Start:    $network $named $local_fs
+# Required-Stop:     $remote_fs $syslog $network $named $local_fs
+# Should-Start:      postgres $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: MediaGoblin Celery task processor init script
+# Description:       This script will initiate the GNU MediaGoblin Celery 
+#                    task processor 
+### END INIT INFO
+
+################################################################################
+# CHANGE THIS
+# to suit your environment
+################################################################################
+MG_ROOT=GMG_PATH_TOKEN/mediagoblin
+MG_USER=mediagoblin
+################################################################################
+# NOW STOP
+# You probably won't have to change anything else.
+################################################################################
+
+set -e
+
+DAEMON_NAME=mediagoblin-celery-worker
+
+MG_BIN=$MG_ROOT/bin
+MG_CELERYD_BIN=$MG_BIN/celery\ worker
+MG_CONFIG=$MG_ROOT/mediagoblin_local.ini
+MG_CELERY_CONFIG_MODULE=mediagoblin.init.celery.from_celery
+MG_CELERYD_PID_FILE=/var/run/mediagoblin/$DAEMON_NAME.pid
+MG_CELERYD_LOG_FILE=/var/log/mediagoblin/$DAEMON_NAME.log
+
+set_up_directories() {
+    install -o $MG_USER -g users -d -m 755 /var/log/mediagoblin
+    install -o $MG_USER -g users -d -m 755 /var/run/mediagoblin
+}
+
+set_up_directories
+
+# Include LSB helper functions
+. /lib/lsb/init-functions
+
+wait_for_death() {
+    pid=$1
+    seconds=1
+
+    if [ -z "$2" ]; then
+        kill_at=20
+    else
+        kill_at=$2
+    fi
+
+    if [ -z "$pid" ]; then
+        log_action_msg "Could not get PID. Aborting"
+        log_end_msg 1
+        exit 1
+    fi
+
+    while ps ax | grep -v grep | grep $pid > /dev/null; do
+        sleep 1
+        seconds=$(expr $seconds + 1)
+        if [ $seconds -ge $kill_at ]; then
+            log_action_msg "Failed to shut down after $kill_at seconds. Aborting"
+            log_end_msg 1
+            exit 1
+        fi
+    done
+    log_end_msg 0
+}
+
+wait_for_pidfile() {
+    pidfile=$1
+    kill_at=20
+    seconds=1
+
+    while ! [[ -f $pidfile ]]; do
+        sleep 1
+        seconds=$(expr $seconds + 1)
+
+        if [ $seconds -ge $kill_at ]; then
+            log_action_msg "Can't find the PID file," \
+                " the application must have crashed."
+            log_end_msg 1
+            exit 1
+        fi
+    done
+}
+
+getPID() {
+    # Discard any errors from cat
+    cat $MG_CELERYD_PID_FILE 2>/dev/null
+}
+
+case "$1" in 
+    start)
+        # Start the MediaGoblin celery worker process
+        log_daemon_msg "Starting GNU MediaGoblin Celery task queue" "$DAEMON_NAME"
+        if [ -z "$(getPID)" ]; then
+            # TODO: Could we send things to log a little bit more beautiful?
+            su -s /bin/sh -c "cd $MG_ROOT && \
+                MEDIAGOBLIN_CONFIG=$MG_CONFIG \
+                CELERY_CONFIG_MODULE=$MG_CELERY_CONFIG_MODULE \
+                $MG_CELERYD_BIN \
+                --pidfile=$MG_CELERYD_PID_FILE \
+                -f $MG_CELERYD_LOG_FILE 2>&1 >> $MG_CELERYD_PID_FILE" \
+                - $MG_USER 2>&1 >> $MG_CELERYD_LOG_FILE &
+
+            CELERYD_RESULT=$?
+
+            wait_for_pidfile $MG_CELERYD_PID_FILE
+
+            log_end_msg $CELERYD_RESULT
+        else
+            # Failed because the PID file indicates it's running
+            log_action_msg "PID file $MG_CELERYD_PID_FILE already exists"
+            log_end_msg 1
+        fi
+        ;;
+    stop)
+        log_daemon_msg "Stopping GNU MediaGoblin Celery task queue" "$DAEMON_NAME"
+        if [ -z "$(getPID)" ]; then
+            # Failed because the PID file indicates it's not running
+            log_action_msg "Could not get PID"
+            log_end_msg 1
+            exit 1
+        else
+            kill $(getPID)
+
+            wait_for_death $(getPID)
+        fi
+        ;;
+    restart)
+        $0 stop
+        $0 start
+        ;;
+    status)
+        if ! [ -z "$(getPID)" ]; then
+            echo "$DAEMON_NAME start/running, process $(getPID)"
+        else
+            echo "$DAEMON_NAME stopped."
+        fi
+        ;;
+    *)
+        echo "Usage: $0 {restart|start|stop|status}"
+        exit 1
+        ;;
+esac
+
+exit 0
\ No newline at end of file
diff --git a/files/etc/init.d/mediagoblin-paster/DEFAULT b/files/etc/init.d/mediagoblin-paster/DEFAULT
new file mode 100755 (executable)
index 0000000..8b37c45
--- /dev/null
@@ -0,0 +1,131 @@
+#!/bin/sh
+# /etc/init.d/mediagoblin-paster
+#
+## LICENSE: CC0 <http://creativecommons.org/publicdomain/zero/1.0/>
+# To the extent possible under law, Joar Wandborg <http://wandborg.se> has
+# waived all copyright and related or neighboring rights to
+# mediagoblin-paster. This work is published from Sweden.
+#
+## CREDIT
+# Credit goes to jpope <http://jpope.org/> and 
+# chimo <http://chimo.chromic.org/>. From which' Arch init scripts this is
+# based upon.
+#
+### BEGIN INIT INFO
+# Provides:          mediagoblin-paster
+# Required-Start:    $network $named $local_fs
+# Required-Stop:     $remote_fs $syslog $network $named $local_fs
+# Should-Start:      postgresql $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: MediaGoblin paster FCGI server init script
+# Description:       This script will initiate the GNU MediaGoblin paster
+#                    fcgi server.
+### END INIT INFO
+
+################################################################################
+# CHANGE THIS
+# to suit your environment
+################################################################################
+MG_ROOT=GMG_PATH_TOKEN/mediagoblin
+MG_USER=mediagoblin
+################################################################################
+# NOW STOP
+# You probably won't have to change anything else.
+################################################################################
+
+set -e
+
+DAEMON_NAME=mediagoblin-paster
+
+MG_BIN=$MG_ROOT/bin
+MG_PASTER_BIN=$MG_BIN/paster
+MG_PASTE_INI=$MG_ROOT/paste_local.ini
+MG_FCGI_HOST=127.0.0.1
+MG_FCGI_PORT=26543
+MG_PASTER_PID_FILE=/var/run/mediagoblin/$DAEMON_NAME.pid
+MG_PASTER_LOG_FILE=/var/log/mediagoblin/$DAEMON_NAME.log
+
+set_up_directories() {
+    install -o $MG_USER -g users -d -m 755 /var/log/mediagoblin
+    install -o $MG_USER -g users -d -m 755 /var/run/mediagoblin
+}
+
+set_up_directories
+
+# Include LSB helper functions
+. /lib/lsb/init-functions
+
+getPID () {
+    # Discard any errors from cat
+    cat $MG_PASTER_PID_FILE 2>/dev/null
+}
+
+case "$1" in 
+    start)
+        # Start the MediaGoblin paster process
+        log_daemon_msg "Starting GNU MediaGoblin paster fcgi server" "$DAEMON_NAME"
+       if [ ! -f $MG_PASTE_INI ]; then
+            MG_PASTE_INI=$MG_ROOT/paste.ini
+           fi
+        if [ -z "$(getPID)" ]; then
+            su -s /bin/sh -c "CELERY_ALWAYS_EAGER=False $MG_PASTER_BIN serve \
+                $MG_PASTE_INI \
+                --server-name=fcgi \
+                fcgi_host=$MG_FCGI_HOST fcgi_port=$MG_FCGI_PORT \
+                --pid-file=$MG_PASTER_PID_FILE \
+                --log-file=$MG_PASTER_LOG_FILE \
+                --daemon" - $MG_USER 2>&1 > /dev/null
+
+            PASTER_RESULT=$?
+
+            # Sleep for a while until we're kind of certain that paster has
+            # had it's time to initialize
+            TRIES=0
+            while ! [ "X$PASTER_RESULT" != "X" ]; do
+                log_action_msg "Tried $TRIES time(s)"
+                sleep 0.1
+                TRIES=$((TRIES+1))
+            done
+
+            log_end_msg $PASTER_RESULT
+        else
+            # Failed because the PID file indicates it's running
+            log_action_msg "PID file $MG_PASTER_BIN already exists"
+            log_end_msg 1
+        fi
+        ;;
+    stop)
+        log_daemon_msg "Stopping GNU MediaGoblin paster fcgi server" "$DAEMON_NAME"
+        if [ -z "$(getPID)" ]; then
+            # Failed because the PID file indicates it's not running
+            RET=1
+        else
+            kill $(getPID)
+
+            if [ $? -gt 0 ]; then
+                RET=1
+            else
+                RET=0
+            fi
+        fi
+        log_end_msg $RET
+        ;;
+    restart)
+        $0 stop
+        $0 start
+        ;;
+    status)
+        if ! [ -z "$(getPID)" ]; then
+            echo "$DAEMON_NAME start/running, process $(getPID)"
+        else
+            echo "$DAEMON_NAME stopped."
+        fi
+        ;;
+    *)
+        echo "Usage: $0 {restart|start|stop|status}"
+        exit 1
+        ;;
+esac
+
+exit 0
diff --git a/files/etc/init.d/request-letsencrypt/DEFAULT b/files/etc/init.d/request-letsencrypt/DEFAULT
new file mode 100755 (executable)
index 0000000..7e33360
--- /dev/null
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+if [ ! -d /etc/letsencrypt/archive/HOSTNAME_TOKEN ]; then
+
+    # Nasty hack for getting port 443/80 if needed
+    /etc/init.d/nginx stop &> /dev/null
+    /etc/init.d/apache2 stop &> /dev/null
+
+    # Lets get us some SSL
+    cd /srv/letsencrypt
+    ./letsencrypt-auto certonly --standalone --agree-tos --email LETSENCRYPT_EMAIL_TOKEN -d HOSTNAME_TOKEN -d SERVERNAME_TOKEN
+
+    # Nasty hack for putting thoes services back online, okay :)
+    /etc/init.d/nginx start &> /dev/null
+    /etc/init.d/apache2 start &> /dev/null
+fi
+
diff --git a/files/etc/mediagoblin-templates/mediagoblin.ini/DEFAULT b/files/etc/mediagoblin-templates/mediagoblin.ini/DEFAULT
new file mode 100644 (file)
index 0000000..42bab35
--- /dev/null
@@ -0,0 +1,74 @@
+# If you want to make changes to this file, first copy it to
+# mediagoblin_local.ini, then make the changes there.
+#
+# If you don't see what you need here, have a look at mediagoblin/config_spec.ini
+# It defines types and defaults so it's a good place to look for documentation
+# or to find hidden options that we didn't tell you about. :)
+
+# To change the directory you should make sure you change the
+# directory in paste.ini and/or your webserver configuration.
+#
+# [DEFAULT]
+data_basedir = "GMG_PATH_TOKEN"
+
+[mediagoblin]
+direct_remote_path = /mgoblin_static/
+email_sender_address = "GMG_SENDER_TOKEN"
+
+## Uncomment and change to your DB's appropiate setting.
+## Default is a local sqlite db "mediagoblin.db".
+## Don't forget to run `./bin/gmg dbupdate` after having changed it.
+sql_engine = postgresql:///mediagoblin
+
+# Set to false to enable sending notices
+email_debug_mode = false
+
+# Set to false to disable registrations
+allow_registration = false
+
+# Set to false to disable the ability for users to report offensive content
+allow_reporting = false
+
+## Uncomment this to put some user-overriding templates here
+local_templates = %(data_basedir)s/templates/
+
+## You can set your theme by specifying this (not specifying it will
+## use the default theme).  Run `gmg assetlink` to apply the change.
+## The airy and sandyseventiesspeedboat theme comes with GMG; please
+## see the theming docs on how to install other themes.
+# theme = airy
+
+## If you want the terms of service displayed, you can uncomment this
+# show_tos = true
+
+user_privilege_scheme = "uploader,commenter,reporter"
+[storage:queuestore]
+base_dir = %(data_basedir)s/media/queue
+
+[storage:publicstore]
+base_dir = %(data_basedir)s/media/public
+base_url = /mgoblin_media/
+
+[celery]
+# Put celery stuff here
+
+# Place plugins here, each in their own subsection of [plugins].
+# See http://docs.mediagoblin.org/siteadmin/plugins.html for details.
+[plugins]
+[[mediagoblin.plugins.geolocation]]
+[[mediagoblin.plugins.basic_auth]]
+[[mediagoblin.media_types.image]]
+[[mediagoblin.media_types.video]]
+auto_play = False
+[[[skip_transcode]]]
+audio_codecs = Vorbis,
+container_formats = Matroska, Ogg
+mime_types = video/webm, application/ogg
+dimensions_match = False
+video_codecs = VP8 video, Theora
+[[mediagoblin.media_types.pdf]]
+[[mediagoblin.plugins.libreplanet]]
+[[mediagoblin.plugins.piwik]]
+PIWIK_DOMAIN = '*.media.libreplanet.org'
+PIWIK_LOCATION = 'piwik.fsf.org'
+PIWIK_SITEID = 11
diff --git a/files/etc/mediagoblin-templates/paste.ini/DEFAULT b/files/etc/mediagoblin-templates/paste.ini/DEFAULT
new file mode 100644 (file)
index 0000000..68fd9de
--- /dev/null
@@ -0,0 +1,85 @@
+# If you want to make changes to this file, first copy it to
+# paste_local.ini, then make the changes there.
+
+[DEFAULT]
+# Set to true to enable web-based debugging messages and etc.
+debug = false
+
+[pipeline:main]
+pipeline = errors mediagoblin
+
+[app:mediagoblin]
+use = egg:mediagoblin#app
+config = %(here)s/mediagoblin_local.ini %(here)s/mediagoblin.ini
+# static paths
+/mgoblin_media = %(here)s/user_dev/media/public
+/mgoblin_static = %(here)s/mediagoblin/static
+/theme_static = %(here)s/user_dev/theme_static
+/plugin_static = %(here)s/user_dev/plugin_static
+
+[loggers]
+keys = root
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = INFO
+handlers = console
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(asctime)s %(levelname)-7.7s [%(name)s] %(message)s
+
+[filter:errors]
+use = egg:mediagoblin#errors
+debug = false
+
+
+##############################
+# Server configuration options
+##############################
+
+# The server that is run by default.
+# By default, should only be accessable locally
+[server:main]
+use = egg:mediagoblin#paste_server_selector
+host = 127.0.0.1
+port = 6543
+# Gunicorn settings. See http://docs.gunicorn.org/en/19.0/settings.html
+# for more information about configuring Gunicorn
+proc_name = gmg
+reload = true
+accesslog = -
+
+#######################
+# Helper server configs
+# ---------------------
+#   If you are configuring the paste config manually, you can remove
+#   these.
+
+# Use this if you want to run on port 6543 and have MediaGoblin be
+# viewable externally
+[server:broadcast]
+use = egg:Paste#http
+host = 0.0.0.0
+port = 6543
+
+# Use this if you want to connect via fastcgi
+[server:fcgi]
+use = egg:flup#fcgi_fork
+host = %(fcgi_host)s
+port = %(fcgi_port)s
+
+[server:http]
+use = egg:Paste#http
+host = %(http_host)s
+port = %(http_port)s
diff --git a/files/etc/nginx/mediagoblin-common.conf/DEFAULT b/files/etc/nginx/mediagoblin-common.conf/DEFAULT
new file mode 100644 (file)
index 0000000..224cbfd
--- /dev/null
@@ -0,0 +1,57 @@
+ #################################################
+ # Stock useful config options, but ignore them :)
+ #################################################
+ include /etc/nginx/mime.types;
+
+ autoindex off;
+ default_type  application/octet-stream;
+ sendfile on;
+
+ # Gzip
+ gzip on;
+ gzip_min_length 1024;
+ gzip_buffers 4 32k;
+ gzip_types text/plain application/x-javascript text/javascript text/xml text/css;
+
+ #####################################
+ # Mounting MediaGoblin stuff
+ # This is the section you should read
+ #####################################
+
+ # Change this to update the upload size limit for your users
+ client_max_body_size 4g;
+
+ # prevent attacks (someone uploading a .txt file that the browser
+ # interprets as an HTML file, etc.)
+ add_header X-Content-Type-Options nosniff;
+
+ # MediaGoblin's stock static files: CSS, JS, etc.
+ location /mgoblin_static/ {
+    alias GMG_PATH_TOKEN/mediagoblin/mediagoblin/static/;
+ }
+
+ # Instance specific media:
+ location /mgoblin_media/ {
+    alias GMG_PATH_TOKEN/mediagoblin/user_dev/media/public/;
+ }
+
+ # Theme static files (usually symlinked in)
+ location /theme_static/ {
+    alias GMG_PATH_TOKEN/mediagoblin/user_dev/theme_static/;
+ }
+
+ # Plugin static files (usually symlinked in)
+ location /plugin_static/ {
+    alias GMG_PATH_TOKEN/mediagoblin/user_dev/plugin_static/;
+ }
+
+ # Mounting MediaGoblin itself via FastCGI.
+ location / {
+    fastcgi_pass 127.0.0.1:26543;
+    include /etc/nginx/fastcgi_params;
+
+    # our understanding vs nginx's handling of script_name vs
+    # path_info don't match :)
+    fastcgi_param PATH_INFO $fastcgi_script_name;
+    fastcgi_param SCRIPT_NAME "";
+ }
diff --git a/files/etc/nginx/sites-available/mediagoblin/DEFAULT b/files/etc/nginx/sites-available/mediagoblin/DEFAULT
new file mode 100644 (file)
index 0000000..94286d3
--- /dev/null
@@ -0,0 +1,35 @@
+server {
+    listen   80;
+    server_name SERVERNAME_TOKEN;
+
+    include    /etc/nginx/mediagoblin-common.conf;
+
+    ## redirect http to https ##
+    rewrite        ^ https://$server_name$request_uri? permanent;
+
+    access_log  /var/log/nginx/SERVERNAME_TOKEN-ssl.access.log;
+    error_log  /var/log/nginx/SERVERNAME_TOKEN-ssl.error.log;
+}
+
+server {
+  listen 443;
+
+  include    /etc/nginx/mediagoblin-common.conf;
+
+  access_log  /var/log/nginx/SERVERNAME_TOKEN-ssl.access.log;
+  error_log  /var/log/nginx/SERVERNAME_TOKEN-ssl.error.log;
+
+  ssl on;
+
+  ## Use a SSL/TLS cache for SSL session resume.
+  ssl_session_cache shared:SSL:10m;
+  ssl_session_timeout 10m;
+
+  ssl_certificate /etc/letsencrypt/live/GMG_FQDN_TOKEN/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/GMG_FQDN_TOKEN/privkey.pem;
+
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_prefer_server_ciphers on;
+  ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+}
\ No newline at end of file
diff --git a/package_config/3DPRINT b/package_config/3DPRINT
new file mode 100644 (file)
index 0000000..2335023
--- /dev/null
@@ -0,0 +1,13 @@
+PACKAGES aptitude
+
+python-serial
+python-wxgtk2.8
+python-pyglet
+python-numpy
+cython
+python-libxml2
+python-gobject
+python-dbus
+python-psutil
+git
+
index 1b4c197..6dee473 100644 (file)
@@ -6,7 +6,7 @@ cron
 debconf-utils
 file
 hdparm
-jove
+emacs24-nox
 less
 linuxlogo
 nfs-common
@@ -40,3 +40,9 @@ uptimed
 rdiff-backup
 kpartx
 language-pack-en-base
+mutt
+tree
+iputils-tracepath
+elinks
+iptables
+fail2ban
diff --git a/package_config/GMG b/package_config/GMG
new file mode 100644 (file)
index 0000000..bf81c25
--- /dev/null
@@ -0,0 +1,17 @@
+PACKAGES aptitude GMG
+git-core
+python
+python-dev
+python-lxml
+python-imaging
+python-virtualenv
+python-bcrypt
+python-gi
+python-gst0.10
+npm
+nodejs-legacy
+automake
+nginx
+gstreamer1.0-tools
+gir1.2-gstreamer-1.0
+gir1.2-gst-plugins-base-1.0
diff --git a/package_config/GNUSOCIAL b/package_config/GNUSOCIAL
new file mode 100644 (file)
index 0000000..fa007e0
--- /dev/null
@@ -0,0 +1,21 @@
+PACKAGES aptitude GNUSOCIAL
+apache2
+mysql-server
+php5
+php5-mysql
+libapache2-mod-php5
+php-apc
+php5-intl
+vsftpd
+php5-cli
+php5-gd
+wget
+unzip
+curl
+mysql-server
+php5-cgi
+php5-curl
+php5-gd
+git
+ca-certificates
+openssl
diff --git a/package_config/LETSENCRYPT b/package_config/LETSENCRYPT
new file mode 100644 (file)
index 0000000..5403e2f
--- /dev/null
@@ -0,0 +1,22 @@
+PACKAGES aptitude LETSENCRYPT
+git-core
+augeas-lenses
+binutils
+cpp
+cpp-4.8
+dialog
+gcc
+gcc-4.8
+libasan0
+libatomic1
+libaugeas0
+libcloog-isl4
+libffi-dev
+libgcc-4.8-dev
+libgomp1
+libisl10
+libitm1
+libmpc3
+libmpfr4
+libquadmath0
+libtsan0
diff --git a/package_config/MARIADB b/package_config/MARIADB
new file mode 100644 (file)
index 0000000..ac60009
--- /dev/null
@@ -0,0 +1,2 @@
+PACKAGES aptitude MARIADB
+mariadb-server
\ No newline at end of file
diff --git a/package_config/PHP5 b/package_config/PHP5
new file mode 100644 (file)
index 0000000..49fe01a
--- /dev/null
@@ -0,0 +1,3 @@
+PACKAGES aptitude PHP5
+php5
+php5-mysql
\ No newline at end of file
diff --git a/package_config/PSQL b/package_config/PSQL
new file mode 100644 (file)
index 0000000..0d8f7af
--- /dev/null
@@ -0,0 +1,4 @@
+PACKAGES aptitude PSQL
+postgresql
+postgresql-client
+python-psycopg2
index e36a892..01848ac 100644 (file)
@@ -1,5 +1,3 @@
 PACKAGES aptitude VM
-grub-pc-
-linux-image-
-linux-image-generic-
+linux-image-generic
 
index df8286a..f8a207b 100644 (file)
@@ -25,3 +25,4 @@ vim
 screen
 tmux
 mosh
+file-roller
diff --git a/package_config/ZONEMINDER b/package_config/ZONEMINDER
new file mode 100644 (file)
index 0000000..71315dc
--- /dev/null
@@ -0,0 +1,3 @@
+PACKAGES aptitude
+zoneminder
+zoneminder-doc
diff --git a/scripts/GMG/05_create_local_user.sh b/scripts/GMG/05_create_local_user.sh
new file mode 100755 (executable)
index 0000000..4a2f7cc
--- /dev/null
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# Create mediagoblin user & group
+if ! $ROOTCMD getent passwd mediagoblin ; then
+    $ROOTCMD useradd -c "GNU MediaGoblin system account" -d /var/lib/mediagoblin -m -r -g www-data mediagoblin
+    $ROOTCMD groupadd mediagoblin && $ROOTCMD usermod --append -G mediagoblin mediagoblin
+fi
diff --git a/scripts/GMG/10_create_dir.sh b/scripts/GMG/10_create_dir.sh
new file mode 100755 (executable)
index 0000000..c0931c3
--- /dev/null
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+if [ ! -d $GMG_PATH ]; then
+    $ROOTCMD mkdir -p $GMG_PATH && $ROOTCMD chown -hR mediagoblin:www-data $GMG_PATH
+fi
+if [ ! -d $GMG_LOGPATH ]; then
+    $ROOTCMD mkdir -p $GMG_LOGPATH && $ROOTCMD chown -hR mediagoblin:mediagoblin $GMG_LOGPATH
+fi
+
diff --git a/scripts/GMG/15_install_gmg.sh b/scripts/GMG/15_install_gmg.sh
new file mode 100755 (executable)
index 0000000..8cfb0f8
--- /dev/null
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+# Copy configs
+fcopy -Bv /etc/init.d/install-mediagoblin
+fcopy -Bv /etc/init.d/mediagoblin-paster
+fcopy -Bv /etc/init.d/mediagoblin-celery-worker
+fcopy -Bv /etc/mediagoblin-templates/mediagoblin.ini
+fcopy -Bv /etc/mediagoblin-templates/paste.ini
+fcopy -Bv /etc/nginx/sites-available/mediagoblin
+fcopy -Bv /etc/nginx/mediagoblin-common.conf
+
+# Add installer to boot
+$ROOTCMD update-rc.d install-mediagoblin defaults
+fqdn=$HOSTNAME
+
+# Replace Tokens
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/init.d/install-mediagoblin
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/init.d/mediagoblin-celery-worker
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/init.d/mediagoblin-paster
+
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/mediagoblin-templates/mediagoblin.ini
+sed 's^GMG_SENDER_TOKEN^'$GMG_SENDER'^g' -i $target/etc/mediagoblin-templates/mediagoblin.ini
+
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/nginx/mediagoblin-common.conf
+
+sed 's^GMG_FQDN_TOKEN^'$fqdn'^g' -i $target/etc/nginx/sites-available/mediagoblin
+sed 's^SERVERNAME_TOKEN^'$SERVERNAME'^g' -i $target/etc/nginx/sites-available/mediagoblin
+
+# enable nginx config
+$ROOTCMD ln -s /etc/nginx/sites-available/mediagoblin /etc/nginx/sites-enabled/mediagoblin
+
+if [ ! -f $target//etc/nginx/sites-enabled/default ]; then
+       $ROOTCMD rm /etc/nginx/sites-enabled/default
+fi
diff --git a/scripts/GNUSOCIAL/10_download_gnusocial.sh b/scripts/GNUSOCIAL/10_download_gnusocial.sh
new file mode 100755 (executable)
index 0000000..48a7bc7
--- /dev/null
@@ -0,0 +1,17 @@
+#! /bin/bash
+
+# Download gnusocial directly from their download source, as it is the recommended route and there is no repo
+if ! $ROOTCMD getent passwd gnusocial ; then
+    $ROOTCMD adduser --system --ingroup www-data --disabled-password --gecos "gnusocial user" gnusocial
+fi
+
+if ! $ROOTCMD test -e /home/gnusocial/.ssh/id_rsa; then
+    $ROOTCMD echo | $ROOTCMD sudo -u gnusocial ssh-keygen -N ''
+fi
+
+if ! $ROOTCMD echo | cd /home/gnusocial/ 
+    mkdir /var/www/statusnet/
+    git clone https://git.gnu.io/gnu/gnu-social.git /home/gnusocial/gnu-social; then
+    rm -rf /home/gnusocial/gnu-social/.git
+    mv /home/gnusocial/gnu-social/* /var/www/statusnet/
+fi
diff --git a/scripts/LETSENCRYPT/00_fetch.sh b/scripts/LETSENCRYPT/00_fetch.sh
new file mode 100755 (executable)
index 0000000..3fc39a6
--- /dev/null
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+if [ ! -d $LETSENCRYPT_PATH/letsencrypt ]; then
+    cd $target/$LETSENCRYPT_PATH
+    git clone https://github.com/letsencrypt/letsencrypt
+fi
+fcopy -Bv /etc/init.d/request-letsencrypt
+
+$ROOTCMD sed 's^LETSENCRYPT_EMAIL_TOKEN^'$LETSENCRYPT_EMAIL'^g' -i /etc/init.d/request-letsencrypt
+$ROOTCMD sed 's^SERVERNAME_TOKEN^'$SERVERNAME'^g' -i /etc/init.d/request-letsencrypt
+$ROOTCMD sed 's^HOSTNAME_TOKEN^'$HOSTNAME'^g' -i /etc/init.d/request-letsencrypt
+
+
+$ROOTCMD update-rc.d request-letsencrypt defaults
diff --git a/scripts/VM/00_setup_pygrub.sh b/scripts/VM/00_setup_pygrub.sh
new file mode 100755 (executable)
index 0000000..89b8fdc
--- /dev/null
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+fcopy -vB /boot/grub/menu.lst
diff --git a/scripts/YOURLS/10_download_yourls.sh b/scripts/YOURLS/10_download_yourls.sh
new file mode 100755 (executable)
index 0000000..eae43f8
--- /dev/null
@@ -0,0 +1,19 @@
+#! /bin/bash
+
+YOURLS_VERS='1.7.1'
+
+# Download yourls and install; we're going to be doing this under the gnusocial user.
+if ! $ROOTCMD getent passwd gnusocial ; then
+    $ROOTCMD adduser --system --ingroup www-data --disabled-password --gecos "gnusocial user" gnusocial
+fi
+
+if ! $ROOTCMD test -e /home/gnusocial/.ssh/id_rsa; then
+    $ROOTCMD echo | $ROOTCMD sudo -u gnusocial ssh-keygen -N ''
+fi
+
+if ! $ROOTCMD echo | cd /home/gnusocial/ 
+    mkdir /var/www/yourls
+    curl https://codeload.github.com/YOURLS/YOURLS/tar.gz/$YOURLS_VERS -o /home/gnusocial/yourls.tar.gz; then
+    tar xf /home/gnusocial/yourls.tar.gz -C /home/gnusocial/
+    mv /home/gnusocial/YOURLS-$YOURLS_VERS/* /var/www/yourls/
+fi
diff --git a/scripts/ZONEMINDER/10-apache-enable-zm.sh b/scripts/ZONEMINDER/10-apache-enable-zm.sh
new file mode 100755 (executable)
index 0000000..5024914
--- /dev/null
@@ -0,0 +1,10 @@
+#! /bin/sh
+
+# create/link apache configs
+ln -sf $target/etc/zm/apache.conf $target/etc/apache2/conf-available/zoneminder.conf
+fcopy -v /etc/apache2/conf-available/redirect-to-zm.conf
+
+# enable apache configs
+ln -sf $target/etc/apache2/conf-available/zoneminder.conf $target/etc/apache2/conf-enabled/
+ln -sf $target/etc/apache2/conf-available/redirect-to-zm.conf $target/etc/apache2/conf-enabled/
+