From cc84a6581c14798b305b30c4bed756836b8c2c97 Mon Sep 17 00:00:00 2001
From: Lisa Marie Maginnis <lisam@fsf.org>
Date: Sun, 28 Feb 2016 13:50:37 -0500
Subject: [PATCH] round2 of gmg install

---
 class/50-host-classes                         |  3 +
 class/GMG.var                                 |  2 +
 class/LIBREPLANET.var                         |  1 +
 files/etc/init.d/install-mediagoblin/DEFAULT  | 24 ++++--
 .../mediagoblin.ini/DEFAULT                   | 74 +++++++++++++++++++
 .../etc/nginx/mediagoblin-common.conf/DEFAULT | 59 +++++++++++++++
 .../nginx/sites-available/mediagoblin/DEFAULT | 35 +++++++++
 scripts/GMG/10_create_dir.sh                  |  3 +
 scripts/GMG/15_install_gmg.sh                 | 12 +++
 9 files changed, 206 insertions(+), 7 deletions(-)
 create mode 100644 class/LIBREPLANET.var
 create mode 100644 files/etc/mediagoblin-templates/mediagoblin.ini/DEFAULT
 create mode 100644 files/etc/nginx/mediagoblin-common.conf/DEFAULT
 create mode 100644 files/etc/nginx/sites-available/mediagoblin/DEFAULT

diff --git a/class/50-host-classes b/class/50-host-classes
index 678ed27..322e263 100755
--- a/class/50-host-classes
+++ b/class/50-host-classes
@@ -80,6 +80,9 @@ case $HOSTNAME in
     glamp*)
 	echo "FAIBASE MYSQLD PHP5 SYSADMIN WWW"
 	;;
+    gmg*libreplanet.org)
+	echo "FAIBASE VM PSQL GMG SYSADMIN LIBREPLANET"
+	;;
     gmg*)
 	echo "FAIBASE VM PSQL GMG SYSADMIN"
 	;;
diff --git a/class/GMG.var b/class/GMG.var
index 6bfefbd..cd323be 100644
--- a/class/GMG.var
+++ b/class/GMG.var
@@ -1 +1,3 @@
 GMG_PATH=/srv/gmg
+GMG_SENDER=noreply@libreplanet.org
+GMG_LOGPATH=/var/log/mediagoblin
diff --git a/class/LIBREPLANET.var b/class/LIBREPLANET.var
new file mode 100644
index 0000000..3566467
--- /dev/null
+++ b/class/LIBREPLANET.var
@@ -0,0 +1 @@
+DOMAIN=libreplanet.org
diff --git a/files/etc/init.d/install-mediagoblin/DEFAULT b/files/etc/init.d/install-mediagoblin/DEFAULT
index 63af9e4..45f0cc3 100755
--- a/files/etc/init.d/install-mediagoblin/DEFAULT
+++ b/files/etc/init.d/install-mediagoblin/DEFAULT
@@ -1,5 +1,6 @@
 #/bin/bash
-
+echo Installing GMG into GMG_PATH_TOKEN...
+(
 cd GMG_PATH_TOKEN
 if [ ! -d mediagoblin ]; then
 
@@ -14,14 +15,23 @@ if [ ! -d mediagoblin ]; then
     # Crea te GMG database
     sudo -u postgres createdb -E UNICODE -O mediagoblin mediagoblin
 
-    git clone git://git.savannah.gnu.org/mediagoblin.git -b stable
+    sudo -u mediagoblin git clone git://git.savannah.gnu.org/mediagoblin.git -b stable
 
     cd mediagoblin
-    git submodule init && git submodule update
+    sudo -u mediagoblin git submodule init && git submodule update
+
+    sudo -u mediagoblin ./bootstrap.sh && sudo -u mediagoblin ./configure && sudo -u mediagoblin make
+    sudo -u mediagoblin mkdir user_dev && sudo -u mediagoblin chmod 750 user_dev
+    sudo -u mediagoblin ./bin/easy_install flup
+
+    sudo -u mediagoblin cp /etc/mediagoblin-templates/mediagoblin.ini mediagoblin_local.ini
 
-    ./bootstrap.sh && ./configure && make
-    mkdir user_dev && chmod 750 user_dev
-    ./bin/easy_install flup
+    sudo -u mediagoblin ./bin/gmg dbupdate
 
-    update-rc.d mediagoblin defaults
+    update-rc.d mediagoblin-paster defaults
+    update-rc.d mediagoblin-celery-worker defaults
+    /etc/init.d/mediagoblin-paster start
+    /etc/init.d/mediagoblin-celery-worker start
 fi
+) >> /var/log/fai/install-mediagoblin.log
+echo Install Completed, started mediagoblin-paster and mediagoblin-celery-worker
\ No newline at end of file
diff --git a/files/etc/mediagoblin-templates/mediagoblin.ini/DEFAULT b/files/etc/mediagoblin-templates/mediagoblin.ini/DEFAULT
new file mode 100644
index 0000000..3311372
--- /dev/null
+++ b/files/etc/mediagoblin-templates/mediagoblin.ini/DEFAULT
@@ -0,0 +1,74 @@
+# If you want to make changes to this file, first copy it to
+# mediagoblin_local.ini, then make the changes there.
+#
+# If you don't see what you need here, have a look at mediagoblin/config_spec.ini
+# It defines types and defaults so it's a good place to look for documentation
+# or to find hidden options that we didn't tell you about. :)
+
+# To change the directory you should make sure you change the
+# directory in paste.ini and/or your webserver configuration.
+#
+# [DEFAULT]
+data_basedir = "GMG_PATH_TOKEN"
+
+[mediagoblin]
+direct_remote_path = /mgoblin_static/
+email_sender_address = "GMG_SENDER_TOKEN"
+
+## Uncomment and change to your DB's appropiate setting.
+## Default is a local sqlite db "mediagoblin.db".
+## Don't forget to run `./bin/gmg dbupdate` after having changed it.
+sql_engine = postgresql:///mediagoblin
+
+# Set to false to enable sending notices
+email_debug_mode = false
+
+# Set to false to disable registrations
+allow_registration = false
+
+# Set to false to disable the ability for users to report offensive content
+allow_reporting = false
+
+## Uncomment this to put some user-overriding templates here
+local_templates = %(data_basedir)s/templates/
+
+## You can set your theme by specifying this (not specifying it will
+## use the default theme).  Run `gmg assetlink` to apply the change.
+## The airy and sandyseventiesspeedboat theme comes with GMG; please
+## see the theming docs on how to install other themes.
+# theme = airy
+
+## If you want the terms of service displayed, you can uncomment this
+# show_tos = true
+
+user_privilege_scheme = "uploader,commenter,reporter"
+[storage:queuestore]
+base_dir = %(data_basedir)s/media/queue
+
+[storage:publicstore]
+base_dir = %(data_basedir)s/media/public
+base_url = /mgoblin_media/
+
+[celery]
+# Put celery stuff here
+
+# Place plugins here, each in their own subsection of [plugins].
+# See http://docs.mediagoblin.org/siteadmin/plugins.html for details.
+[plugins]
+[[mediagoblin.plugins.geolocation]]
+[[mediagoblin.plugins.basic_auth]]
+[[mediagoblin.media_types.image]]
+[[mediagoblin.media_types.video]]
+auto_play = False
+[[[skip_transcode]]]
+audio_codecs = Vorbis,
+container_formats = Matroska, Ogg
+mime_types = video/webm, application/ogg
+dimensions_match = False
+video_codecs = VP8 video, Theora
+[[mediagoblin.media_types.pdf]]
+[[mediagoblin_libreplanet]]
+[[mediagoblin_piwik]]
+PIWIK_DOMAIN = '*.media.libreplanet.org'
+PIWIK_LOCATION = 'piwik.fsf.org'
+PIWIK_SITEID = 11
diff --git a/files/etc/nginx/mediagoblin-common.conf/DEFAULT b/files/etc/nginx/mediagoblin-common.conf/DEFAULT
new file mode 100644
index 0000000..7296b0e
--- /dev/null
+++ b/files/etc/nginx/mediagoblin-common.conf/DEFAULT
@@ -0,0 +1,59 @@
+server {
+ #################################################
+ # Stock useful config options, but ignore them :)
+ #################################################
+ include /etc/nginx/mime.types;
+
+ autoindex off;
+ default_type  application/octet-stream;
+ sendfile on;
+
+ # Gzip
+ gzip on;
+ gzip_min_length 1024;
+ gzip_buffers 4 32k;
+ gzip_types text/plain application/x-javascript text/javascript text/xml text/css;
+
+ #####################################
+ # Mounting MediaGoblin stuff
+ # This is the section you should read
+ #####################################
+
+ # Change this to update the upload size limit for your users
+ client_max_body_size 4g;
+
+ # prevent attacks (someone uploading a .txt file that the browser
+ # interprets as an HTML file, etc.)
+ add_header X-Content-Type-Options nosniff;
+
+ # MediaGoblin's stock static files: CSS, JS, etc.
+ location /mgoblin_static/ {
+    alias /srv/mediagoblin.example.org/mediagoblin/mediagoblin/static/;
+ }
+
+ # Instance specific media:
+ location /mgoblin_media/ {
+    alias /srv/mediagoblin.example.org/mediagoblin/user_dev/media/public/;
+ }
+
+ # Theme static files (usually symlinked in)
+ location /theme_static/ {
+    alias /srv/mediagoblin.example.org/mediagoblin/user_dev/theme_static/;
+ }
+
+ # Plugin static files (usually symlinked in)
+ location /plugin_static/ {
+    alias /srv/mediagoblin.example.org/mediagoblin/user_dev/plugin_static/;
+ }
+
+ # Mounting MediaGoblin itself via FastCGI.
+ location / {
+    fastcgi_pass 127.0.0.1:26543;
+    include /etc/nginx/fastcgi_params;
+
+    # our understanding vs nginx's handling of script_name vs
+    # path_info don't match :)
+    fastcgi_param PATH_INFO $fastcgi_script_name;
+    fastcgi_param SCRIPT_NAME "";
+ }
+}
\ No newline at end of file
diff --git a/files/etc/nginx/sites-available/mediagoblin/DEFAULT b/files/etc/nginx/sites-available/mediagoblin/DEFAULT
new file mode 100644
index 0000000..6a8af0c
--- /dev/null
+++ b/files/etc/nginx/sites-available/mediagoblin/DEFAULT
@@ -0,0 +1,35 @@
+server {
+    listen   80;
+    server_name media.libreplanet.org;
+
+    include    /etc/nginx/mediagoblin-common.conf;
+
+    ## redirect http to https ##
+    rewrite        ^ https://$server_name$request_uri? permanent;
+
+    access_log /var/log/nginx/media.libreplanet.org-access.log;
+    error_log /var/log/nginx/media.libreplanet.org-error.log; 
+}
+
+server {
+  listen 443;
+
+  include    /etc/nginx/mediagoblin-common.conf;
+
+  access_log  /var/log/nginx/media.libreplanet.org-ssl.access.log;
+  error_log  /var/log/nginx/media.libreplanet.org-ssl.error.log;
+
+  ssl on;
+
+  ## Use a SSL/TLS cache for SSL session resume.
+  ssl_session_cache shared:SSL:10m;
+  ssl_session_timeout 10m;
+
+  ssl_certificate /etc/ssl/certs/wildcard.libreplanet.org-full-chain.crt;
+  ssl_certificate_key /etc/ssl/private/wildcard.libreplanet.org.key;
+
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_prefer_server_ciphers on;
+  ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+}
\ No newline at end of file
diff --git a/scripts/GMG/10_create_dir.sh b/scripts/GMG/10_create_dir.sh
index 15a539d..c0931c3 100755
--- a/scripts/GMG/10_create_dir.sh
+++ b/scripts/GMG/10_create_dir.sh
@@ -3,4 +3,7 @@
 if [ ! -d $GMG_PATH ]; then
     $ROOTCMD mkdir -p $GMG_PATH && $ROOTCMD chown -hR mediagoblin:www-data $GMG_PATH
 fi
+if [ ! -d $GMG_LOGPATH ]; then
+    $ROOTCMD mkdir -p $GMG_LOGPATH && $ROOTCMD chown -hR mediagoblin:mediagoblin $GMG_LOGPATH
+fi
 
diff --git a/scripts/GMG/15_install_gmg.sh b/scripts/GMG/15_install_gmg.sh
index 4a3fa3e..8cc9d34 100755
--- a/scripts/GMG/15_install_gmg.sh
+++ b/scripts/GMG/15_install_gmg.sh
@@ -1,10 +1,22 @@
 #!/bin/bash
 
+# Copy configs
 fcopy -Bv /etc/init.d/install-mediagoblin
 fcopy -Bv /etc/init.d/mediagoblin-paster
 fcopy -Bv /etc/init.d/mediagoblin-celery-worker
+fcopy -Bv /etc/mediagoblin-templates/mediagolbin.ini
+fcopy -Bv /etc/nginx/sites-available/mediagoblin
+fcopy -Bv /etc/nginx/mediagoblin-common.conf
 
+# Add installer to boot
 $ROOTCMD update-rc.d install-mediagoblin defaults
+fqdn=$HOSTNAME.$DOMAIN
+
+# Replace Tokens
 sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/init.d/install-mediagoblin
 sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/init.d/mediagoblin-celery-worker
 sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/init.d/mediagoblin-paster
+
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/mediagoblin-templates/mediagolbin.ini
+sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/ngnix/mediagoblin-common.conf
+sed 's^GMG_SENDER_TOKEN^'$GMG_SENDER'^g' -i $target/etc/mediagoblin-templates/mediagolbin.ini
-- 
2.25.1