progress
This commit is contained in:
parent
5e5fd1b19a
commit
4672e0dfc3
78
files/kaz.sh
78
files/kaz.sh
@ -1,78 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
if [ -z "${KAZGUARD}" ] ; then
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
DIR=$(cd "$(dirname $0)"; pwd)
|
|
||||||
cd "${DIR}"
|
|
||||||
set -e
|
|
||||||
export VAGRANT_SRC_DIR=/vagrant/files
|
|
||||||
|
|
||||||
mkdir -p "${VAGRANT_SRC_DIR}/log/"
|
|
||||||
export DebugLog="${VAGRANT_SRC_DIR}/log/log-kaz-$(date +%y-%m-%d-%T)-"
|
|
||||||
(
|
|
||||||
echo "########## ********** Start kaz.sh $(date +%D-%T)"
|
|
||||||
#pour la résolution de noms dans /etc/hosts
|
|
||||||
SERVICES_LIST="smtp mail ldap www depot tableur pad webmail sondage garradin test-garradin wiki git agora cloud office cachet quotas"
|
|
||||||
|
|
||||||
docker-clean -a
|
|
||||||
rm -rf /kaz
|
|
||||||
|
|
||||||
if [ -z "${KAZBRANCH}" ] ; then
|
|
||||||
KAZBRANCH="master"
|
|
||||||
fi
|
|
||||||
echo -e "\n #### git checkout ${KAZBRANCH}\n"
|
|
||||||
|
|
||||||
|
|
||||||
# copie des sources
|
|
||||||
cd /
|
|
||||||
[ -f kaz ] || git clone https://git.kaz.bzh/KAZ/kaz.git
|
|
||||||
(cd /kaz ; git checkout "${KAZBRANCH}" )
|
|
||||||
find /kaz -name \*.sh -exec chmod a+x {} \;
|
|
||||||
|
|
||||||
# pour ceux qui disposent d'un cache apt local et pas la fibre
|
|
||||||
if [ -f "${VAGRANT_SRC_DIR}/.apt-mirror-config" ]; then
|
|
||||||
rsync -a "${VAGRANT_SRC_DIR}/.apt-mirror-config" /kaz/
|
|
||||||
fi
|
|
||||||
if [ -f "${VAGRANT_SRC_DIR}/.proxy-config" ]; then
|
|
||||||
rsync -a "${VAGRANT_SRC_DIR}/.proxy-config" /etc/profile.d/proxy.sh
|
|
||||||
rsync -a "${VAGRANT_SRC_DIR}/.proxy-config" /kaz/
|
|
||||||
fi
|
|
||||||
if [ -f "${VAGRANT_SRC_DIR}/.docker-config.json" ]; then
|
|
||||||
mkdir -p /root/.docker
|
|
||||||
rsync -a "${VAGRANT_SRC_DIR}/.docker-config.json" /root/.docker/config.json
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
echo -e "\n #### rsync download\n"
|
|
||||||
[ -d "${VAGRANT_SRC_DIR}/kaz/download" ] &&
|
|
||||||
rsync -a "${VAGRANT_SRC_DIR}/kaz/download/" /kaz/download/
|
|
||||||
[ -d "${VAGRANT_SRC_DIR}/kaz/git" ] &&
|
|
||||||
rsync -a "${VAGRANT_SRC_DIR}/kaz/git/" /kaz/git/
|
|
||||||
[ -f "${VAGRANT_SRC_DIR}/kaz/config/dockers.env" ] &&
|
|
||||||
[ ! -f "/kaz/config/dockers.env" ] &&
|
|
||||||
rsync -a "${VAGRANT_SRC_DIR}/kaz/config/dockers.env" /kaz/config/dockers.env
|
|
||||||
for type in mail orga proxy withMail withoutMail ; do
|
|
||||||
[ -f "${VAGRANT_SRC_DIR}/kaz/config/container-${type}.list" ] &&
|
|
||||||
[ ! -f "/kaz/config/config/container-${type}.list" ] &&
|
|
||||||
rsync -a "${VAGRANT_SRC_DIR}/kaz/config/container-${type}.list" /kaz/config/
|
|
||||||
done
|
|
||||||
|
|
||||||
echo -e "\n #### secretGen\n"
|
|
||||||
/kaz/bin/secretGen.sh
|
|
||||||
|
|
||||||
#possibilité de lancer vagrant up NOKAZ="true" quand on construit la machine
|
|
||||||
if [ "${NOKAZ}" == "true" ]; then
|
|
||||||
echo "on ne lance pas install.sh"
|
|
||||||
else
|
|
||||||
echo "on lance install.sh"
|
|
||||||
/kaz/bin/install.sh
|
|
||||||
fi
|
|
||||||
|
|
||||||
# clear apt cache
|
|
||||||
DEBIAN_FRONTEND=noninteractive apt-get autoremove -y
|
|
||||||
DEBIAN_FRONTEND=noninteractive apt-get clean
|
|
||||||
|
|
||||||
echo "########## ********** End kaz.sh $(date +%D-%T)"
|
|
||||||
) > >(tee ${DebugLog}stdout.log) 2> >(tee ${DebugLog}stderr.log >&2)
|
|
@ -162,27 +162,13 @@ EOF
|
|||||||
export CAROOT=/etc/letsencrypt/local/
|
export CAROOT=/etc/letsencrypt/local/
|
||||||
/root/mkcert/mkcert -install # CA dans /etc/letsencrypt/local/
|
/root/mkcert/mkcert -install # CA dans /etc/letsencrypt/local/
|
||||||
cd "${CAROOT}"
|
cd "${CAROOT}"
|
||||||
/root/mkcert/mkcert "*.kaz.milxc" # cert et clé dans /etc/letsencrypt/local/
|
/root/mkcert/mkcert "*.kaz.sns" # cert et clé dans /etc/letsencrypt/local/
|
||||||
|
|
||||||
mkdir -p /etc/letsencrypt/live/kaz.milxc/
|
mkdir -p /etc/letsencrypt/live/kaz.sns/
|
||||||
ln -s ../../local/_wildcard.kaz.milxc.pem /etc/letsencrypt/live/kaz.milxc/fullchain.pem
|
ln -s ../../local/_wildcard.kaz.sns.pem /etc/letsencrypt/live/kaz.sns/fullchain.pem
|
||||||
ln -s ../../local/_wildcard.kaz.milxc-key.pem /etc/letsencrypt/live/kaz.milxc/privkey.pem
|
ln -s ../../local/_wildcard.kaz.sns-key.pem /etc/letsencrypt/live/kaz.sns/privkey.pem
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Essai pour faire accepter la CA à FFOX dès le début
|
|
||||||
# Add to Firefox store
|
|
||||||
if [ ! -f /usr/lib/firefox-esr/distribution/policies.json ]; then
|
|
||||||
cat > /usr/lib/firefox-esr/distribution/policies.json << EOF
|
|
||||||
{
|
|
||||||
"policies": {
|
|
||||||
"Certificates": {
|
|
||||||
"ImportEnterpriseRoots": true,
|
|
||||||
"Install": ["/etc/letsencrypt/local/rootCA.pem"]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
EOF
|
|
||||||
fi
|
|
||||||
|
|
||||||
#***********FIN CERTIF*******************
|
#***********FIN CERTIF*******************
|
||||||
|
|
||||||
@ -211,10 +197,10 @@ EOF
|
|||||||
|
|
||||||
# On crée quelques mails
|
# On crée quelques mails
|
||||||
SETUP_MAIL="docker exec -ti mailServ setup"
|
SETUP_MAIL="docker exec -ti mailServ setup"
|
||||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact1@kaz.milxc toto"
|
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact1@kaz.sns toto"
|
||||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact2@kaz.milxc toto"
|
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact2@kaz.sns toto"
|
||||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact3@kaz.milxc toto"
|
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact3@kaz.sns toto"
|
||||||
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact4@kaz.milxc toto"
|
snster -c /root/snster-kaz -t /root/templates attach kaz-prod -x "${SETUP_MAIL} email add contact4@kaz.sns toto"
|
||||||
|
|
||||||
|
|
||||||
echo "########## ********** End Vagrant $(date +%D-%T)"
|
echo "########## ********** End Vagrant $(date +%D-%T)"
|
||||||
|
@ -28,3 +28,13 @@ if [ -d letsencrypt ]; then
|
|||||||
cp /etc/letsencrypt/local/rootCA.pem /usr/local/share/ca-certificates/rootCA.crt
|
cp /etc/letsencrypt/local/rootCA.pem /usr/local/share/ca-certificates/rootCA.crt
|
||||||
/usr/sbin/update-ca-certificates --fresh
|
/usr/sbin/update-ca-certificates --fresh
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Add to Firefox store
|
||||||
|
echo -e '{
|
||||||
|
"policies": {
|
||||||
|
"Certificates": {
|
||||||
|
"ImportEnterpriseRoots": true,
|
||||||
|
"Install": ["/etc/ssl/certs/rootCA.pem"]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}' > /usr/lib/firefox-esr/distribution/policies.json
|
||||||
|
Loading…
Reference in New Issue
Block a user