progress
This commit is contained in:
parent
5e5fd1b19a
commit
4672e0dfc3
78
files/kaz.sh
78
files/kaz.sh
@ -1,78 +0,0 @@
|
||||
#!/bin/bash
|
||||
if [ -z "${KAZGUARD}" ] ; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
DIR=$(cd "$(dirname $0)"; pwd)
|
||||
cd "${DIR}"
|
||||
set -e
|
||||
export VAGRANT_SRC_DIR=/vagrant/files
|
||||
|
||||
mkdir -p "${VAGRANT_SRC_DIR}/log/"
|
||||
export DebugLog="${VAGRANT_SRC_DIR}/log/log-kaz-$(date +%y-%m-%d-%T)-"
|
||||
(
|
||||
echo "########## ********** Start kaz.sh $(date +%D-%T)"
|
||||
#pour la résolution de noms dans /etc/hosts
|
||||
SERVICES_LIST="smtp mail ldap www depot tableur pad webmail sondage garradin test-garradin wiki git agora cloud office cachet quotas"
|
||||
|
||||
docker-clean -a
|
||||
rm -rf /kaz
|
||||
|
||||
if [ -z "${KAZBRANCH}" ] ; then
|
||||
KAZBRANCH="master"
|
||||
fi
|
||||
echo -e "\n #### git checkout ${KAZBRANCH}\n"
|
||||
|
||||
|
||||
# copie des sources
|
||||
cd /
|
||||
[ -f kaz ] || git clone https://git.kaz.bzh/KAZ/kaz.git
|
||||
(cd /kaz ; git checkout "${KAZBRANCH}" )
|
||||
find /kaz -name \*.sh -exec chmod a+x {} \;
|
||||
|
||||
# pour ceux qui disposent d'un cache apt local et pas la fibre
|
||||
if [ -f "${VAGRANT_SRC_DIR}/.apt-mirror-config" ]; then
|
||||
rsync -a "${VAGRANT_SRC_DIR}/.apt-mirror-config" /kaz/
|
||||
fi
|
||||
if [ -f "${VAGRANT_SRC_DIR}/.proxy-config" ]; then
|
||||
rsync -a "${VAGRANT_SRC_DIR}/.proxy-config" /etc/profile.d/proxy.sh
|
||||
rsync -a "${VAGRANT_SRC_DIR}/.proxy-config" /kaz/
|
||||
fi
|
||||
if [ -f "${VAGRANT_SRC_DIR}/.docker-config.json" ]; then
|
||||
mkdir -p /root/.docker
|
||||
rsync -a "${VAGRANT_SRC_DIR}/.docker-config.json" /root/.docker/config.json
|
||||
fi
|
||||
|
||||
|
||||
|
||||
echo -e "\n #### rsync download\n"
|
||||
[ -d "${VAGRANT_SRC_DIR}/kaz/download" ] &&
|
||||
rsync -a "${VAGRANT_SRC_DIR}/kaz/download/" /kaz/download/
|
||||
[ -d "${VAGRANT_SRC_DIR}/kaz/git" ] &&
|
||||
rsync -a "${VAGRANT_SRC_DIR}/kaz/git/" /kaz/git/
|
||||
[ -f "${VAGRANT_SRC_DIR}/kaz/config/dockers.env" ] &&
|
||||
[ ! -f "/kaz/config/dockers.env" ] &&
|
||||
rsync -a "${VAGRANT_SRC_DIR}/kaz/config/dockers.env" /kaz/config/dockers.env
|
||||
for type in mail orga proxy withMail withoutMail ; do
|
||||
[ -f "${VAGRANT_SRC_DIR}/kaz/config/container-${type}.list" ] &&
|
||||
[ ! -f "/kaz/config/config/container-${type}.list" ] &&
|
||||
rsync -a "${VAGRANT_SRC_DIR}/kaz/config/container-${type}.list" /kaz/config/
|
||||
done
|
||||
|
||||
echo -e "\n #### secretGen\n"
|
||||
/kaz/bin/secretGen.sh
|
||||
|
||||
#possibilité de lancer vagrant up NOKAZ="true" quand on construit la machine
|
||||
if [ "${NOKAZ}" == "true" ]; then
|
||||
echo "on ne lance pas install.sh"
|
||||
else
|
||||
echo "on lance install.sh"
|
||||
/kaz/bin/install.sh
|
||||
fi
|
||||
|
||||
# clear apt cache
|
||||
DEBIAN_FRONTEND=noninteractive apt-get autoremove -y
|
||||
DEBIAN_FRONTEND=noninteractive apt-get clean
|
||||
|
||||
echo "########## ********** End kaz.sh $(date +%D-%T)"
|
||||
) > >(tee ${DebugLog}stdout.log) 2> >(tee ${DebugLog}stderr.log >&2)
|
@ -162,27 +162,13 @@ EOF
|
||||
export CAROOT=/etc/letsencrypt/local/
|
||||
/root/mkcert/mkcert -install # CA dans /etc/letsencrypt/local/
|
||||
cd "${CAROOT}"
|
||||
/root/mkcert/mkcert "*.kaz.milxc" # cert et clé dans /etc/letsencrypt/local/
|
||||
/root/mkcert/mkcert "*.kaz.sns" # cert et clé dans /etc/letsencrypt/local/
|
||||
|
||||
mkdir -p /etc/letsencrypt/live/kaz.milxc/
|
||||
ln -s ../../local/_wildcard.kaz.milxc.pem /etc/letsencrypt/live/kaz.milxc/fullchain.pem
|
||||
ln -s ../../local/_wildcard.kaz.milxc-key.pem /etc/letsencrypt/live/kaz.milxc/privkey.pem
|
||||
mkdir -p /etc/letsencrypt/live/kaz.sns/
|
||||
ln -s ../../local/_wildcard.kaz.sns.pem /etc/letsencrypt/live/kaz.sns/fullchain.pem
|
||||
ln -s ../../local/_wildcard.kaz.sns-key.pem /etc/letsencrypt/live/kaz.sns/privkey.pem
|
||||
fi
|
||||
|
||||
# Essai pour faire accepter la CA à FFOX dès le début
|
||||
# Add to Firefox store
|
||||
if [ ! -f /usr/lib/firefox-esr/distribution/policies.json ]; then
|
||||
cat > /usr/lib/firefox-esr/distribution/policies.json << EOF
|
||||
{
|
||||
"policies": {
|
||||
"Certificates": {
|
||||
"ImportEnterpriseRoots": true,
|
||||
"Install": ["/etc/letsencrypt/local/rootCA.pem"]
|
||||
}
|
||||
}
|
||||
}
|
||||
EOF
|
||||
fi
|
||||
|
||||
#***********FIN CERTIF*******************
|
||||
|
||||
@ -211,10 +197,10 @@ EOF
|
||||
|
||||
# On crée quelques mails
|
||||
SETUP_MAIL="docker exec -ti mailServ setup"
|
||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact1@kaz.milxc toto"
|
||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact2@kaz.milxc toto"
|
||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact3@kaz.milxc toto"
|
||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact4@kaz.milxc toto"
|
||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact1@kaz.sns toto"
|
||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact2@kaz.sns toto"
|
||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact3@kaz.sns toto"
|
||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact4@kaz.sns toto"
|
||||
|
||||
|
||||
echo "########## ********** End Vagrant $(date +%D-%T)"
|
||||
|
@ -28,3 +28,13 @@ if [ -d letsencrypt ]; then
|
||||
cp /etc/letsencrypt/local/rootCA.pem /usr/local/share/ca-certificates/rootCA.crt
|
||||
/usr/sbin/update-ca-certificates --fresh
|
||||
fi
|
||||
|
||||
# Add to Firefox store
|
||||
echo -e '{
|
||||
"policies": {
|
||||
"Certificates": {
|
||||
"ImportEnterpriseRoots": true,
|
||||
"Install": ["/etc/ssl/certs/rootCA.pem"]
|
||||
}
|
||||
}
|
||||
}' > /usr/lib/firefox-esr/distribution/policies.json
|
||||
|
Loading…
Reference in New Issue
Block a user