[WIP] Allow multiple installations of same blueprint (#88)

* Multi-install support, Blueprints and config changes. Initial commit

* Migrating jails to blueprints, first steps.
Tested Working:
- Transmission
- Lidarr
- Sonarr
- Radarr

fix lidarr config (+10 squashed commit)

Squashed commit:

[5f14653] always link ports folders

[f18f2f0] Optional (blueprint) ports mount
Fixes #89

[96ef7e7] chmod all the things

[129e707] same mistake... again...

[e1596dc] missing reference

[6da3567] Forgot one reference

[d78b5b6] Update wiki.yml

[cecc53a] Update filecheck.yml

[5244abd] basic settings changed.
More involved blueprints still need changes, such as: Bitwarden, nextcloud, Mariadb

[6568e92] jails -> blueprints

* Added Tested Working:
- KMS
- Plex
- Tautulli
- Organizr
- InfluxDB
- MariaDB

Many squashed small fixes included:
Make *.rc executable (+13 squashed commit)

Squashed commit:

[b28aa83] use .rc for rc.d config files

[e940a48] some mariadb cleanup

[dc27aff] testing another way

[83bd91b] Mariadb root password alter instead of update, initial config for unifi

[0ca3074] some light config cleanup

[a0d4352] also remove database from influxdb example config (db should be created when required)

[2c218cc] Prepare influxdb and remove unneeded content

[1b34109] more shellcheck fixups

[c96566c] Some shellcheck cleanup

[8969ca7] bitwarden mostly done, some work on nextcloud and unifi

[7f89bfa] initial mariadb patch

[dd7e85f] missed one problem

[f814cb7] Initial pseudo-compatibility patch for unifi

* Enable Bitwarden support and some small fixes/tweaks
Fixes #95

more bugs and typo's (+3 squashed commit)

Squashed commit:

[3b5213e] Bitwarden not correctly installing db

[b7438a5] yeah thats not gonna cut it... >.<

[e7987c2] some slight bitwarden tweaks

* Enable Unifi support and some small fixes/tweaks

small unifi cleanup. Unifi is working (+3 squashed commit)

Squashed commit:

[d906d2d] chmod unifi

[545e999] Add extra sanity, remove unneeded variables from example

[b8c0b24] Some small Unifi Tweaks

* Nextcloud Cleanup, Some fixes, Initial support for blueprintsystem
Fixes #96
Fixes #97
Fixes #98

some bloat and syntax fixes (+5 squashed commit)

Squashed commit:

[78f6428] Some more nextcloud cleanup and tweaks
- combines multiple variables for cert system selection (Fixes #98 )
- Default to self signed cert
- Force manual admin password

[7cacae4] slight fixes

[3d81cda] More cleanup

[50496cc] small mariadb fix and more nextcloud cleanup

[c1b2c20] Cleaning nextcloud
- Remove external DB (Fixes #97 )
- Remove Postgresql (Fixes #96 )
- Some preparation for blueprint

* Nextcloud done

and..  another... (+5 squashed commit)

Squashed commit:

[c65751b] caddy not installed right.

[e5da66b] more fixes

[a33300e] Damnit, two typo's same scentence

[4292a7a] another typo

[1b820cf] typo and example hotfix

* Introduce version checking for config file
This commit is contained in:
Kjeld Schouten-Lebbing 2020-05-02 17:45:13 +02:00 committed by GitHub
parent 66e997069a
commit dbfbd489fa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
140 changed files with 1361 additions and 1888 deletions

View File

@ -13,9 +13,9 @@ jobs:
- uses: actions/checkout@v1
- name: check existance
run: |
for pathname in jails/*; do test -e $pathname/readme.md || { echo "File missing: $pathname/readme.md"; error="true"; }; done
for pathname in jails/*; do test -e $pathname/install.sh || { echo "File missing: $pathname/install.sh"; error="true"; }; done
for pathname in jails/*; do test -e $pathname/update.sh || { echo "File missing: $pathname/update.sh"; error="true"; }; done
for pathname in jails/*; do test -e $pathname/config.yml || { echo "File missing: $pathname/config.yml"; error="true"; }; done
for pathname in blueprints/*; do test -e $pathname/readme.md || { echo "File missing: $pathname/readme.md"; error="true"; }; done
for pathname in blueprints/*; do test -e $pathname/install.sh || { echo "File missing: $pathname/install.sh"; error="true"; }; done
for pathname in blueprints/*; do test -e $pathname/update.sh || { echo "File missing: $pathname/update.sh"; error="true"; }; done
for pathname in blueprints/*; do test -e $pathname/config.yml || { echo "File missing: $pathname/config.yml"; error="true"; }; done
if [ "${error}" == "true" ]; then echo "Missing files detected" && exit 1; fi
shell: bash

View File

@ -15,10 +15,7 @@ jobs:
ref: 'master'
- name: rename-readme
run: |
for pathname in jails/*/README.MD; do ! cp "$pathname" "docs/jails/$( basename "$( dirname "$pathname" )" ).md"; done
for pathname in jails/*/README.md; do ! cp "$pathname" "docs/jails/$( basename "$( dirname "$pathname" )" ).md"; done
for pathname in jails/*/readme.md; do ! cp "$pathname" "docs/jails/$( basename "$( dirname "$pathname" )" ).md"; done
for pathname in jails/*/Readme.md; do ! cp "$pathname" "docs/jails/$( basename "$( dirname "$pathname" )" ).md"; done
for pathname in blueprints/*/readme.md; do ! cp "$pathname" "docs/blueprints/$( basename "$( dirname "$pathname" )" ).md"; done
shell: bash
- name: Deploy docs
uses: mhausenblas/mkdocs-deploy-gh-pages@master

View File

@ -0,0 +1,3 @@
blueprint:
bitwarden:
pkgs: sqlite3 nginx git sudo vim-tiny bash node npm python27-2.7.17_1 mariadb104-client

119
blueprints/bitwarden/install.sh Executable file
View File

@ -0,0 +1,119 @@
#!/usr/local/bin/bash
# This file contains the install script for bitwarden
# Initialise defaults
JAIL_IP="jail_${1}_ip4_addr"
JAIL_IP="${!JAIL_IP%/*}"
HOST_NAME="jail_${1}_host_name"
DB_DATABASE="jail_${1}_db_database"
DB_DATABASE="${!DB_DATABASE:-$1}"
DB_USER="jail_${1}_db_user"
DB_USER="${!DB_USER:-$DB_DATABASE}"
# shellcheck disable=SC2154
INSTALL_TYPE="jail_${1}_db_type"
INSTALL_TYPE="${!INSTALL_TYPE:-mariadb}"
DB_JAIL="jail_${1}_db_jail"
# shellcheck disable=SC2154
DB_HOST="jail_${!DB_JAIL}_ip4_addr"
DB_HOST="${!DB_HOST%/*}:3306"
# shellcheck disable=SC2154
DB_PASSWORD="jail_${1}_db_password"
DB_STRING="mysql://${DB_USER}:${!DB_PASSWORD}@${DB_HOST}/${DB_DATABASE}"
# shellcheck disable=SC2154
ADMIN_TOKEN="jail_${1}_admin_token"
if [ -z "${!DB_PASSWORD}" ]; then
echo "db_password can't be empty"
exit 1
fi
if [ -z "${!DB_JAIL}" ]; then
echo "db_jail can't be empty"
exit 1
fi
if [ -z "${!JAIL_IP}" ]; then
echo "ip4_addr can't be empty"
exit 1
fi
if [ -z "${!ADMIN_TOKEN}" ]; then
ADMIN_TOKEN=$(openssl rand -base64 16)
fi
# install latest rust version, pkg version is outdated and can't build bitwarden_rs
iocage exec "${1}" "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y"
# Install Bitwarden_rs
iocage exec "${1}" mkdir -p /usr/local/share/bitwarden/src
iocage exec "${1}" git clone https://github.com/dani-garcia/bitwarden_rs/ /usr/local/share/bitwarden/src
TAG=$(iocage exec "${1}" "git -C /usr/local/share/bitwarden/src tag --sort=v:refname | tail -n1")
iocage exec "${1}" "git -C /usr/local/share/bitwarden/src checkout ${TAG}"
#TODO replace with: cargo build --features mysql --release
if [ "${INSTALL_TYPE}" == "mariadb" ]; then
iocage exec "${1}" "cd /usr/local/share/bitwarden/src && $HOME/.cargo/bin/cargo build --features mysql --release"
iocage exec "${1}" "cd /usr/local/share/bitwarden/src && $HOME/.cargo/bin/cargo install diesel_cli --no-default-features --features mysql"
else
iocage exec "${1}" "cd /usr/local/share/bitwarden/src && $HOME/.cargo/bin/cargo build --features sqlite --release"
iocage exec "${1}" "cd /usr/local/share/bitwarden/src && $HOME/.cargo/bin/cargo install diesel_cli --no-default-features --features sqlite-bundled"
fi
iocage exec "${1}" cp -r /usr/local/share/bitwarden/src/target/release /usr/local/share/bitwarden/bin
# Download and install webvault
WEB_RELEASE_URL=$(curl -Ls -o /dev/null -w "%{url_effective}" https://github.com/dani-garcia/bw_web_builds/releases/latest)
WEB_TAG="${WEB_RELEASE_URL##*/}"
iocage exec "${1}" "fetch http://github.com/dani-garcia/bw_web_builds/releases/download/$WEB_TAG/bw_web_$WEB_TAG.tar.gz -o /usr/local/share/bitwarden"
iocage exec "${1}" "tar -xzvf /usr/local/share/bitwarden/bw_web_$WEB_TAG.tar.gz -C /usr/local/share/bitwarden/"
iocage exec "${1}" rm /usr/local/share/bitwarden/bw_web_"$WEB_TAG".tar.gz
# shellcheck disable=SC2154
if [ -f "/mnt/${global_dataset_config}/${1}/ssl/bitwarden-ssl.crt" ]; then
echo "certificate exist... Skipping cert generation"
else
"No ssl certificate present, generating self signed certificate"
if [ ! -d "/mnt/${global_dataset_config}/${1}/ssl" ]; then
echo "cert folder not existing... creating..."
iocage exec "${1}" mkdir /config/ssl
fi
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost" -keyout /mnt/"${global_dataset_config}"/"${1}"/ssl/bitwarden-ssl.key -out /mnt/"${global_dataset_config}"/"${1}"/ssl/bitwarden-ssl.crt
fi
if [ -f "/mnt/${global_dataset_config}/${1}/bitwarden.log" ]; then
echo "Reinstall of Bitwarden detected... using existing config and database"
elif [ "${INSTALL_TYPE}" == "mariadb" ]; then
echo "No config detected, doing clean install, utilizing the Mariadb database ${DB_HOST}"
iocage exec "${!DB_JAIL}" mysql -u root -e "CREATE DATABASE ${DB_DATABASE};"
iocage exec "${!DB_JAIL}" mysql -u root -e "GRANT ALL ON ${DB_DATABASE}.* TO ${DB_USER}@${JAIL_IP} IDENTIFIED BY '${!DB_PASSWORD}';"
iocage exec "${!DB_JAIL}" mysqladmin reload
else
echo "No config detected, doing clean install."
fi
iocage exec "${1}" "pw user add bitwarden -c bitwarden -u 725 -d /nonexistent -s /usr/bin/nologin"
iocage exec "${1}" chown -R bitwarden:bitwarden /usr/local/share/bitwarden /config
iocage exec "${1}" mkdir /usr/local/etc/rc.d /usr/local/etc/rc.conf.d
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/bitwarden/includes/bitwarden.rc /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.d/bitwarden
cp "${SCRIPT_DIR}"/blueprints/bitwarden/includes/bitwarden.rc.conf /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.conf.d/bitwarden
echo 'export DATABASE_URL="'"${DB_STRING}"'"' >> /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.conf.d/bitwarden
echo 'export ADMIN_TOKEN="'"${!ADMIN_TOKEN}"'"' >> /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.conf.d/bitwarden
if [ "${!ADMIN_TOKEN}" == "NONE" ]; then
echo "Admin_token set to NONE, disabling admin portal"
else
echo "Admin_token set and admin portal enabled"
iocage exec "${1}" echo "${DB_NAME} Admin Token is ${!ADMIN_TOKEN}" > /root/"${1}"_admin_token.txt
fi
iocage exec "${1}" chmod u+x /usr/local/etc/rc.d/bitwarden
iocage exec "${1}" sysrc "bitwarden_enable=YES"
iocage exec "${1}" service bitwarden restart
echo "Jail ${1} finished Bitwarden install."
echo "Admin Token is ${!ADMIN_TOKEN}"

View File

100
blueprints/bitwarden/update.sh Executable file
View File

@ -0,0 +1,100 @@
#!/usr/local/bin/bash
# This file contains the update script for bitwarden
# Due to it being build from scratch or downloaded directly to execution dir,
# Update for Bitwarden is pretty similair to installation
# Initialise defaults
JAIL_IP="jail_${1}_ip4_addr"
JAIL_IP="${!JAIL_IP%/*}"
HOST_NAME="jail_${1}_host_name"
DB_DATABASE="jail_${1}_db_datavase"
DB_USER="jail_${1}_db_user"
# shellcheck disable=SC2154
INSTALL_TYPE="jail_${1}_type"
DB_JAIL="jail_${1}_db_jail"
DB_JAIL="${!DB_JAIL}"
# shellcheck disable=SC2154
DB_HOST="${DB_JAIL}_ip4_addr"
DB_HOST="${!DB_HOST%/*}:3306"
# shellcheck disable=SC2154
DB_PASSWORD="jail_${1}_db_password"
DB_STRING="mysql://${!DB_USER}:${!DB_PASSWORD}@${DB_HOST}/${!DB_DATABASE}"
# shellcheck disable=SC2154
ADMIN_TOKEN="jail_${1}_admin_token"
if [ -z "${!DB_USER}" ]; then
echo "db_user can't be empty"
exit 1
fi
if [ -z "${!DB_DATABASE}" ]; then
echo "db_database can't be empty"
exit 1
fi
if [ -z "${!DB_PASSWORD}" ]; then
echo "db_password can't be empty"
exit 1
fi
if [ -z "${!DB_JAIL}" ]; then
echo "db_jail can't be empty"
exit 1
fi
if [ -z "${!JAIL_IP}" ]; then
echo "ip4_addr can't be empty"
exit 1
fi
if [ -z "${!ADMIN_TOKEN}" ]; then
ADMIN_TOKEN=$(openssl rand -base64 16)
fi
iocage exec "${1}" service bitwarden stop
# install latest rust version, pkg version is outdated and can't build bitwarden_rs
iocage exec "${1}" "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y"
# Install Bitwarden_rs
iocage exec "${1}" "git -C /usr/local/share/bitwarden/src fetch"
TAG=$(iocage exec "${1}" "git -C /usr/local/share/bitwarden/src tag --sort=v:refname | tail -n1")
iocage exec "${1}" "git -C /usr/local/share/bitwarden/src checkout ${TAG}"
#TODO replace with: cargo build --features mysql --release
if [ "${INSTALL_TYPE}" == "mariadb" ]; then
iocage exec "${1}" "cd /usr/local/share/bitwarden/src && $HOME/.cargo/bin/cargo build --features mysql --release"
iocage exec "${1}" "cd /usr/local/share/bitwarden/src && $HOME/.cargo/bin/cargo install diesel_cli --no-default-features --features mysql"
else
iocage exec "${1}" "cd /usr/local/share/bitwarden/src && $HOME/.cargo/bin/cargo build --features sqlite --release"
iocage exec "${1}" "cd /usr/local/share/bitwarden/src && $HOME/.cargo/bin/cargo install diesel_cli --no-default-features --features sqlite-bundled"
fi
iocage exec "${1}" cp -r /usr/local/share/bitwarden/src/target/release /usr/local/share/bitwarden/bin
# Download and install webvault
WEB_RELEASE_URL=$(curl -Ls -o /dev/null -w "%{url_effective}" https://github.com/dani-garcia/bw_web_builds/releases/latest)
WEB_TAG="${WEB_RELEASE_URL##*/}"
iocage exec "${1}" "fetch http://github.com/dani-garcia/bw_web_builds/releases/download/$WEB_TAG/bw_web_$WEB_TAG.tar.gz -o /usr/local/share/bitwarden"
iocage exec "${1}" "tar -xzvf /usr/local/share/bitwarden/bw_web_$WEB_TAG.tar.gz -C /usr/local/share/bitwarden/"
iocage exec "${1}" rm /usr/local/share/bitwarden/bw_web_"$WEB_TAG".tar.gz
iocage exec "${1}" chown -R bitwarden:bitwarden /usr/local/share/bitwarden /config
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/"${1}"/includes/bitwarden.rc /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.d/bitwarden
cp "${SCRIPT_DIR}"/blueprints/"${1}"/includes/bitwarden.rc.conf /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.conf.d/bitwarden
echo 'export DATABASE_URL="'"${DB_STRING}"'"' >> /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.conf.d/bitwarden
echo 'export ADMIN_TOKEN="'"${!ADMIN_TOKEN}"'"' >> /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.conf.d/bitwarden
if [ "${!ADMIN_TOKEN}" == "NONE" ]; then
echo "Admin_token set to NONE, disabling admin portal"
else
echo "Admin_token set and admin portal enabled"
iocage exec "${1}" echo "${DB_NAME} Admin Token is ${!ADMIN_TOKEN}" > /root/"${1}"_admin_token.txt
fi
iocage exec "${1}" chmod u+x /usr/local/etc/rc.d/bitwarden
iocage exec "${1}" service bitwarden restart
echo "Jail ${1} finished Bitwarden update."
echo "Admin Token is ${!ADMIN_TOKEN}"

View File

@ -0,0 +1,3 @@
blueprint:
influxdb:
pkgs: influxdb

32
blueprints/influxdb/install.sh Executable file
View File

@ -0,0 +1,32 @@
#!/usr/local/bin/bash
# This script installs the current release of InfluxDB
#####
#
# Init and Mounts
#
#####
# Initialise variables
# shellcheck disable=SC2154
JAIL_IP="jail_${1}_ip4_addr"
JAIL_IP="${!JAIL_IP%/*}"
INCLUDES_PATH="${SCRIPT_DIR}/blueprints/influxdb/includes"
# Mount and configure proper configuration location
# shellcheck disable=SC2154
cp -rf "${INCLUDES_PATH}/influxd.conf" "/mnt/${global_dataset_config}/${1}/influxd.conf"
iocage exec "${1}" mkdir -p /config/db/data /config/db/meta /config/db/wal
iocage exec "${1}" chown -R influxd:influxd /config/db
iocage exec "${1}" sysrc influxd_conf="/config/influxd.conf"
iocage exec "${1}" sysrc influxd_enable="YES"
# Start influxdb and wait for it to startup
iocage exec "${1}" service influxd start
sleep 15
# Done!
echo "Installation complete!"
echo "Your may connect InfluxDB plugins to the InfluxDB jail at http://${JAIL_IP}:8086."
echo "You may connect InfluxDB plugins to the InfluxDB jail at http://${JAIL_IP}:8086."
echo ""

View File

@ -1,6 +1,6 @@
#!/usr/local/bin/bash
# This file contains the update script for influxdb
iocage exec influxdb service influxd stop
iocage exec "$1" service influxd stop
# InfluxDB is updated during PKG update, this file is mostly just a placeholder
iocage exec influxdb service influxd restart
iocage exec "$1" service influxd restart

View File

@ -0,0 +1,3 @@
blueprint:
jackett:
pkgs: mono

14
blueprints/jackett/install.sh Executable file
View File

@ -0,0 +1,14 @@
#!/usr/local/bin/bash
# This file contains the install script for jackett
iocage exec "$1" "fetch https://github.com/Jackett/Jackett/releases/download/v0.11.502/Jackett.Binaries.Mono.tar.gz -o /usr/local/share"
iocage exec "$1" "tar -xzvf /usr/local/share/Jackett.Binaries.Mono.tar.gz -C /usr/local/share"
iocage exec "$1" rm /usr/local/share/Jackett.Binaries.Mono.tar.gz
iocage exec "$1" "pw user add jackett -c jackett -u 818 -d /nonexistent -s /usr/bin/nologin"
iocage exec "$1" chown -R jackett:jackett /usr/local/share/Jackett /config
iocage exec "$1" mkdir /usr/local/etc/rc.d
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/jackett/includes/jackett.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/jackett
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/jackett
iocage exec "$1" sysrc "jackett_enable=YES"
iocage exec "$1" service jackett restart

View File

10
blueprints/jackett/update.sh Executable file
View File

@ -0,0 +1,10 @@
#!/usr/local/bin/bash
# This file contains the update script for jackett
iocage exec "$1" service jackett stop
#TODO insert code to update jacket itself here
iocage exec "$1" chown -R jackett:jackett /usr/local/share/Jackett /config
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/jackett/includes/jackett.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/jackett
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/jackett
iocage exec "$1" service jackett restart

View File

@ -0,0 +1,3 @@
blueprint:
kms:
pkgs: bash py37-tkinter py37-pip py37-sqlite3 git

View File

12
blueprints/kms/install.sh Executable file
View File

@ -0,0 +1,12 @@
#!/usr/local/bin/bash
# This file contains the install script for KMS
iocage exec "$1" svn checkout https://github.com/SystemRage/py-kms/trunk/py-kms /usr/local/share/py-kms
iocage exec "$1" "pw user add kms -c kms -u 666 -d /nonexistent -s /usr/bin/nologin"
iocage exec "$1" chown -R kms:kms /usr/local/share/py-kms /config
iocage exec "$1" mkdir /usr/local/etc/rc.d
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/kms/includes/py_kms.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/py_kms
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/py_kms
iocage exec "$1" sysrc "py_kms_enable=YES"
iocage exec "$1" service py_kms start

0
jails/kms/readme.md → blueprints/kms/readme.md Executable file → Normal file
View File

10
blueprints/kms/update.sh Executable file
View File

@ -0,0 +1,10 @@
#!/usr/local/bin/bash
# This file contains the update script for KMS
iocage exec "$1" service py_kms stop
iocage exec "$1" svn checkout https://github.com/SystemRage/py-kms/trunk/py-kms /usr/local/share/py-kms
iocage exec "$1" chown -R kms:kms /usr/local/share/py-kms /config
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/kms/includes/py_kms.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/py_kms
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/py_kms
iocage exec "$1" service py_kms start

View File

@ -0,0 +1,3 @@
blueprint:
lidarr: lidarr
pkgs: mono mediainfo sqlite3

25
blueprints/lidarr/install.sh Executable file
View File

@ -0,0 +1,25 @@
#!/usr/local/bin/bash
# This file contains the install script for lidarr
# Check if dataset for completed download and it parent dataset exist, create if they do not.
# shellcheck disable=SC2154
createmount "$1" "${global_dataset_downloads}"
createmount "$1" "${global_dataset_downloads}"/complete /mnt/fetched
# Check if dataset for media library and the dataset for movies exist, create if they do not.
# shellcheck disable=SC2154
createmount "$1" "${global_dataset_media}"
createmount "$1" "${global_dataset_media}"/music /mnt/music
iocage exec "$1" "fetch https://github.com/lidarr/Lidarr/releases/download/v0.2.0.371/Lidarr.develop.0.2.0.371.linux.tar.gz -o /usr/local/share"
iocage exec "$1" "tar -xzvf /usr/local/share/Lidarr.develop.0.2.0.371.linux.tar.gz -C /usr/local/share"
iocage exec "$1" "rm /usr/local/share/Lidarr.develop.0.2.0.371.linux.tar.gz"
iocage exec "$1" "pw user add lidarr -c lidarr -u 353 -d /nonexistent -s /usr/bin/nologin"
iocage exec "$1" chown -R lidarr:lidarr /usr/local/share/Lidarr /config
iocage exec "$1" mkdir /usr/local/etc/rc.d
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/lidarr/includes/lidarr.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/lidarr
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/lidarr
iocage exec "$1" sysrc "lidarr_enable=YES"
iocage exec "$1" service lidarr start

0
jails/lidarr/readme.md → blueprints/lidarr/readme.md Executable file → Normal file
View File

10
blueprints/lidarr/update.sh Executable file
View File

@ -0,0 +1,10 @@
#!/usr/local/bin/bash
# This file contains the update script for lidarr
iocage exec "$1" service lidarr stop
#TODO insert code to update lidarr itself here
iocage exec "$1" chown -R lidarr:lidarr /usr/local/share/lidarr /config
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/lidarr/includes/lidarr.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/lidarr
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/lidarr
iocage exec "$1" service lidarr restart

View File

@ -0,0 +1,3 @@
blueprint:
mariadb:
pkgs: mariadb104-server git php74-session php74-xml php74-ctype php74-openssl php74-filter php74-gd php74-json php74-mysqli php74-mbstring php74-zlib php74-zip php74-bz2 phpMyAdmin5-php74 php74-pdo_mysql php74-mysqli phpMyAdmin5-php74-5.0.1

View File

117
blueprints/mariadb/install.sh Executable file
View File

@ -0,0 +1,117 @@
#!/usr/local/bin/bash
# This script installs the current release of Mariadb and PhpMyAdmin into a created jail
#####
#
# Init and Mounts
#
#####
# Initialise defaults
# shellcheck disable=SC2154
JAIL_IP="jail_${1}_ip4_addr"
JAIL_IP="${!JAIL_IP%/*}"
INCLUDES_PATH="${SCRIPT_DIR}/blueprints/mariadb/includes"
# shellcheck disable=SC2154
CERT_EMAIL="jail_${1}_cert_email"
CERT_EMAIL="${!CERT_EMAIL:-placeholder@email.fake}"
# shellcheck disable=SC2154
DB_ROOT_PASSWORD="jail_${1}_db_root_password"
HOST_NAME="jail_${1}_host_name"
DL_FLAGS=""
DNS_ENV=""
# Check that necessary variables were set by nextcloud-config
if [ -z "${JAIL_IP}" ]; then
echo 'Configuration error: The mariadb jail does NOT accept DHCP'
echo 'Please reinstall using a fixed IP adress'
exit 1
fi
# Make sure DB_PATH is empty -- if not, MariaDB/PostgreSQL will choke
# shellcheck disable=SC2154
if [ "$(ls -A "/mnt/${global_dataset_config}/${1}/db")" ]; then
echo "Reinstall of mariadb detected... Continuing"
REINSTALL="true"
fi
# Mount database dataset and set zfs preferences
createmount "${1}" "${global_dataset_config}"/"${1}"/db /var/db/mysql
zfs set recordsize=16K "${global_dataset_config}"/"${1}"/db
zfs set primarycache=metadata "${global_dataset_config}"/"${1}"/db
iocage exec "${1}" chown -R 88:88 /var/db/mysql
# Install includes fstab
iocage exec "${1}" mkdir -p /mnt/includes
iocage fstab -a "${1}" "${INCLUDES_PATH}" /mnt/includes nullfs rw 0 0
iocage exec "${1}" mkdir -p /usr/local/www/phpmyadmin
iocage exec "${1}" chown -R www:www /usr/local/www/phpmyadmin
#####
#
# Install mariadb, Caddy and PhpMyAdmin
#
#####
fetch -o /tmp https://getcaddy.com
if ! iocage exec "${1}" bash -s personal "${DL_FLAGS}" < /tmp/getcaddy.com
then
echo "Failed to download/install Caddy"
exit 1
fi
iocage exec "${1}" sysrc mysql_enable="YES"
# Copy and edit pre-written config files
echo "Copying Caddyfile for no SSL"
iocage exec "${1}" cp -f /mnt/includes/caddy.rc /usr/local/etc/rc.d/caddy
iocage exec "${1}" cp -f /mnt/includes/Caddyfile /usr/local/www/Caddyfile
# shellcheck disable=SC2154
iocage exec "${1}" sed -i '' "s/yourhostnamehere/${!HOST_NAME}/" /usr/local/www/Caddyfile
iocage exec "${1}" sed -i '' "s/JAIL-IP/${JAIL_IP}/" /usr/local/www/Caddyfile
iocage exec "${1}" sysrc caddy_enable="YES"
iocage exec "${1}" sysrc php_fpm_enable="YES"
iocage exec "${1}" sysrc caddy_cert_email="${CERT_EMAIL}"
iocage exec "${1}" sysrc caddy_env="${DNS_ENV}"
iocage restart "${1}"
sleep 10
if [ "${REINSTALL}" == "true" ]; then
echo "Reinstall detected, skipping generaion of new config and database"
else
# Secure database, set root password, create Nextcloud DB, user, and password
iocage exec "${1}" cp -f /mnt/includes/my-system.cnf /var/db/mysql/my.cnf
iocage exec "${1}" mysql -u root -e "DELETE FROM mysql.user WHERE User='';"
iocage exec "${1}" mysql -u root -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
iocage exec "${1}" mysql -u root -e "DROP DATABASE IF EXISTS test;"
iocage exec "${1}" mysql -u root -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';"
iocage exec "${1}" mysqladmin --user=root password "${!DB_ROOT_PASSWORD}"
iocage exec "${1}" mysqladmin reload
fi
iocage exec "${1}" cp -f /mnt/includes/my.cnf /root/.my.cnf
iocage exec "${1}" sed -i '' "s|mypassword|${!DB_ROOT_PASSWORD}|" /root/.my.cnf
# Save passwords for later reference
iocage exec "${1}" echo "MariaDB root password is ${!DB_ROOT_PASSWORD}" > /root/"${1}"_db_password.txt
# Don't need /mnt/includes any more, so unmount it
iocage fstab -r "${1}" "${INCLUDES_PATH}" /mnt/includes nullfs rw 0 0
# Done!
echo "Installation complete!"
echo "Using your web browser, go to http://${!HOST_NAME} to log in"
if [ "${REINSTALL}" == "true" ]; then
echo "You did a reinstall, please use your old database and account credentials"
else
echo "Database Information"
echo "--------------------"
echo "The MariaDB root password is ${!DB_ROOT_PASSWORD}"
fi
echo ""
echo "All passwords are saved in /root/${1}_db_password.txt"

View File

37
blueprints/mariadb/update.sh Executable file
View File

@ -0,0 +1,37 @@
#!/usr/local/bin/bash
# This file contains the update script for mariadb
# shellcheck disable=SC2154
JAIL_IP="jail_${1}_ip4_addr"
JAIL_IP="${!JAIL_IP%/*}"
HOST_NAME="jail_${1}_host_name"
INCLUDES_PATH="${SCRIPT_DIR}/blueprints/mariadb/includes"
# Install includes fstab
iocage exec "${1}" mkdir -p /mnt/includes
iocage fstab -a "${1}" "${INCLUDES_PATH}" /mnt/includes nullfs rw 0 0
iocage exec "${1}" service caddy stop
iocage exec "${1}" service php-fpm stop
fetch -o /tmp https://getcaddy.com
if ! iocage exec "${1}" bash -s personal "${DL_FLAGS}" < /tmp/getcaddy.com
then
echo "Failed to download/install Caddy"
exit 1
fi
# Copy and edit pre-written config files
echo "Copying Caddyfile for no SSL"
iocage exec "${1}" cp -f /mnt/includes/caddy /usr/local/etc/rc.d/
iocage exec "${1}" cp -f /mnt/includes/Caddyfile /usr/local/www/Caddyfile
# shellcheck disable=SC2154
iocage exec "${1}" sed -i '' "s/yourhostnamehere/${HOST_NAME}/" /usr/local/www/Caddyfile
iocage exec "${1}" sed -i '' "s/JAIL-IP/${JAIL_IP}/" /usr/local/www/Caddyfile
# Don't need /mnt/includes any more, so unmount it
iocage fstab -r "${1}" "${INCLUDES_PATH}" /mnt/includes nullfs rw 0 0
iocage exec "${1}" service caddy start
iocage exec "${1}" service php-fpm start

View File

View File

@ -0,0 +1,4 @@
blueprint:
nextcloud:
pkgs: nano sudo redis php73-ctype gnupg php73-dom php73-gd php73-iconv php73-json php73-mbstring php73-posix php73-simplexml php73-xmlreader php73-xmlwriter php73-zip php73-zlib php73-hash php73-xml php73 php73-pecl-redis php73-session php73-wddx php73-xsl php73-filter php73-pecl-APCu php73-curl php73-fileinfo php73-bz2 php73-intl php73-openssl php73-ldap php73-ftp php73-imap php73-exif php73-gmp php73-pecl-memcache php73-pecl-imagick php73-pecl-smbclient perl5 p5-Locale-gettext help2man texinfo m4 autoconf
ports: true

321
blueprints/nextcloud/install.sh Executable file
View File

@ -0,0 +1,321 @@
#!/usr/local/bin/bash
# This script installs the current release of Nextcloud into a create jail
# Based on the example by danb35: https://github.com/danb35/freenas-iocage-nextcloud
# Initialise defaults
# General Defaults
JAIL_IP="jail_${1}_ip4_addr"
JAIL_IP="${!JAIL_IP%/*}"
HOST_NAME="jail_${1}_host_name"
TIME_ZONE="jail_${1}_time_zone"
INCLUDES_PATH="${SCRIPT_DIR}/blueprints/nextcloud/includes"
# SSL/CERT Defaults
CERT_TYPE="jail_${1}_cert_type"
CERT_TYPE="${!CERT_TYPE:-SELFSIGNED_CERT}"
CERT_EMAIL="jail_${1}_cert_email"
CERT_EMAIL="${!CERT_EMAIL:-placeholder@email.fake}"
DNS_PLUGIN="jail_${1}_dns_plugin"
DNS_ENV="jail_${1}_dns_env"
# Database Defaults
DB_TYPE="jail_${1}_db_type"
DB_TYPE="${!DB_TYPE:-mariadb}"
DB_JAIL="jail_${1}_db_jail"
# shellcheck disable=SC2154
DB_HOST="jail_${!DB_JAIL}_ip4_addr"
DB_HOST="${!DB_HOST%/*}:3306"
DB_PASSWORD="jail_${1}_db_password"
DB_DATABASE="jail_${1}_db_database"
DB_DATABASE="${!DB_DATABASE:-$1}"
DB_USER="jail_${1}_db_user"
DB_USER="${!DB_USER:-$DB_DATABASE}"
ADMIN_PASSWORD="jail_${1}_admin_password"
#####
#
# Input Sanity Check
#
#####
# Check that necessary variables were set by nextcloud-config
if [ -z "${JAIL_IP}" ]; then
echo 'Configuration error: The Nextcloud jail does NOT accept DHCP'
echo 'Please reinstall using a fixed IP adress'
exit 1
fi
if [ -z "${ADMIN_PASSWORD}" ]; then
echo 'Configuration error: The Nextcloud jail requires a admin_password'
echo 'Please reinstall using a fixed IP adress'
exit 1
fi
if [ -z "${!DB_PASSWORD}" ]; then
echo 'Configuration error: The Nextcloud Jail needs a database password'
echo 'Please reinstall with a defifined: db_password'
exit 1
fi
# shellcheck disable=SC2154
if [ -z "${!TIME_ZONE}" ]; then
echo 'Configuration error: !TIME_ZONE must be set'
exit 1
fi
if [ -z "${!HOST_NAME}" ]; then
echo 'Configuration error: !HOST_NAME must be set'
exit 1
fi
if [ "$CERT_TYPE" != "STANDALONE_CERT" ] && [ "$CERT_TYPE" != "DNS_CERT" ] && [ "$CERT_TYPE" != "NO_CERT" ] && [ "$CERT_TYPE" != "SELFSIGNED_CERT" ]; then
echo 'Configuration error, cert_type options: STANDALONE_CERT, DNS_CERT, NO_CERT or SELFSIGNED_CERT'
exit 1
fi
if [ "$CERT_TYPE" == "DNS_CERT" ]; then
if [ -z "${!DNS_PLUGIN}" ] ; then
echo "DNS_PLUGIN must be set to a supported DNS provider."
echo "See https://caddyserver.com/docs under the heading of \"DNS Providers\" for list."
echo "Be sure to omit the prefix of \"tls.dns.\"."
exit 1
elif [ -z "${!DNS_ENV}" ] ; then
echo "DNS_ENV must be set to a your DNS provider\'s authentication credentials."
echo "See https://caddyserver.com/docs under the heading of \"DNS Providers\" for more."
exit 1
else
DL_FLAGS="tls.dns.${DNS_PLUGIN}"
DNS_SETTING="dns ${DNS_PLUGIN}"
fi
fi
# Make sure DB_PATH is empty -- if not, MariaDB will choke
# shellcheck disable=SC2154
if [ "$(ls -A "/mnt/${global_dataset_config}/${1}/config")" ]; then
echo "Reinstall of Nextcloud detected... "
REINSTALL="true"
fi
#####
#
# Fstab And Mounts
#
#####
# Create and Mount Nextcloud, Config and Files
createmount "${1}" "${global_dataset_config}"/"${1}"/config /usr/local/www/nextcloud/config
createmount "${1}" "${global_dataset_config}"/"${1}"/themes /usr/local/www/nextcloud/themes
createmount "${1}" "${global_dataset_config}"/"${1}"/files /config/files
# Install includes fstab
iocage exec "${1}" mkdir -p /mnt/includes
iocage fstab -a "${1}" "${INCLUDES_PATH}" /mnt/includes nullfs rw 0 0
iocage exec "${1}" chown -R www:www /config/files
iocage exec "${1}" chmod -R 770 /config/files
#####
#
# Basic dependency install
#
#####
if [ "${DB_TYPE}" = "mariadb" ]; then
iocage exec "${1}" pkg install -qy mariadb103-client php73-pdo_mysql php73-mysqli
fi
fetch -o /tmp https://getcaddy.com
if ! iocage exec "${1}" bash -s personal "${DL_FLAGS}" < /tmp/getcaddy.com
then
echo "Failed to download/install Caddy"
exit 1
fi
iocage exec "${1}" sysrc redis_enable="YES"
iocage exec "${1}" sysrc php_fpm_enable="YES"
iocage exec "${1}" sh -c "make -C /usr/ports/www/php73-opcache clean install BATCH=yes"
iocage exec "${1}" sh -c "make -C /usr/ports/devel/php73-pcntl clean install BATCH=yes"
#####
#
# Install Nextcloud
#
#####
FILE="latest-18.tar.bz2"
if ! iocage exec "${1}" fetch -o /tmp https://download.nextcloud.com/server/releases/"${FILE}" https://download.nextcloud.com/server/releases/"${FILE}".asc https://nextcloud.com/nextcloud.asc
then
echo "Failed to download Nextcloud"
exit 1
fi
iocage exec "${1}" gpg --import /tmp/nextcloud.asc
if ! iocage exec "${1}" gpg --verify /tmp/"${FILE}".asc
then
echo "GPG Signature Verification Failed!"
echo "The Nextcloud download is corrupt."
exit 1
fi
iocage exec "${1}" tar xjf /tmp/"${FILE}" -C /usr/local/www/
iocage exec "${1}" chown -R www:www /usr/local/www/nextcloud/
# Generate and install self-signed cert, if necessary
if [ "$CERT_TYPE" == "SELFSIGNED_CERT" ] && [ ! -f "/mnt/${global_dataset_config}/${1}/ssl/privkey.pem" ]; then
echo "No ssl certificate present, generating self signed certificate"
if [ ! -d "/mnt/${global_dataset_config}/${1}/ssl" ]; then
echo "cert folder not existing... creating..."
iocage exec "${1}" mkdir /config/ssl
fi
openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=${!HOST_NAME}" -keyout "${INCLUDES_PATH}"/privkey.pem -out "${INCLUDES_PATH}"/fullchain.pem
iocage exec "${1}" cp /mnt/includes/privkey.pem /config/ssl/privkey.pem
iocage exec "${1}" cp /mnt/includes/fullchain.pem /config/ssl/fullchain.pem
fi
# Copy and edit pre-written config files
iocage exec "${1}" cp -f /mnt/includes/php.ini /usr/local/etc/php.ini
iocage exec "${1}" cp -f /mnt/includes/redis.conf /usr/local/etc/redis.conf
iocage exec "${1}" cp -f /mnt/includes/www.conf /usr/local/etc/php-fpm.d/
if [ "$CERT_TYPE" == "STANDALONE_CERT" ] && [ "$CERT_TYPE" == "DNS_CERT" ]; then
iocage exec "${1}" cp -f /mnt/includes/remove-staging.sh /root/
fi
if [ "$CERT_TYPE" == "NO_CERT" ]; then
echo "Copying Caddyfile for no SSL"
iocage exec "${1}" cp -f /mnt/includes/Caddyfile-nossl /usr/local/www/Caddyfile
elif [ "$CERT_TYPE" == "SELFSIGNED_CERT" ]; then
echo "Copying Caddyfile for self-signed cert"
iocage exec "${1}" cp -f /mnt/includes/Caddyfile-selfsigned /usr/local/www/Caddyfile
else
echo "Copying Caddyfile for Let's Encrypt cert"
iocage exec "${1}" cp -f /mnt/includes/Caddyfile /usr/local/www/
fi
iocage exec "${1}" cp -f /mnt/includes/caddy.rc /usr/local/etc/rc.d/caddy
iocage exec "${1}" sed -i '' "s/yourhostnamehere/${!HOST_NAME}/" /usr/local/www/Caddyfile
iocage exec "${1}" sed -i '' "s/DNS-PLACEHOLDER/${DNS_SETTING}/" /usr/local/www/Caddyfile
iocage exec "${1}" sed -i '' "s/JAIL-IP/${JAIL_IP}/" /usr/local/www/Caddyfile
iocage exec "${1}" sed -i '' "s|mytimezone|${!TIME_ZONE}|" /usr/local/etc/php.ini
iocage exec "${1}" sysrc caddy_enable="YES"
iocage exec "${1}" sysrc caddy_cert_email="${CERT_EMAIL}"
iocage exec "${1}" sysrc caddy_SNI_default="${!HOST_NAME}"
iocage exec "${1}" sysrc caddy_env="${!DNS_ENV}"
iocage restart "${1}"
if [ "${REINSTALL}" == "true" ]; then
echo "Reinstall detected, skipping generaion of new config and database"
else
# Secure database, set root password, create Nextcloud DB, user, and password
if [ "${DB_TYPE}" = "mariadb" ]; then
iocage exec "mariadb" mysql -u root -e "CREATE DATABASE ${DB_DATABASE};"
iocage exec "mariadb" mysql -u root -e "GRANT ALL ON ${DB_DATABASE}.* TO ${DB_USER}@${JAIL_IP} IDENTIFIED BY '${!DB_PASSWORD}';"
iocage exec "mariadb" mysqladmin reload
fi
# Save passwords for later reference
iocage exec "${1}" echo "${DB_NAME} root password is ${DB_ROOT_PASSWORD}" > /root/"${1}"_db_password.txt
iocage exec "${1}" echo "Nextcloud database password is ${!DB_PASSWORD}" >> /root/"${1}"_db_password.txt
iocage exec "${1}" echo "Nextcloud Administrator password is ${ADMIN_PASSWORD}" >> /root/"${1}"_db_password.txt
# CLI installation and configuration of Nextcloud
if [ "${DB_TYPE}" = "mariadb" ]; then
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ maintenance:install --database=\"mysql\" --database-name=\"${DB_DATABASE}\" --database-user=\"${DB_USER}\" --database-pass=\"${!DB_PASSWORD}\" --database-host=\"${DB_HOST}\" --admin-user=\"admin\" --admin-pass=\"${!ADMIN_PASSWORD}\" --data-dir=\"/config/files\""
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ config:system:set mysql.utf8mb4 --type boolean --value=\"true\""
fi
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ db:add-missing-indices"
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ db:convert-filecache-bigint --no-interaction"
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ config:system:set logtimezone --value=\"${!TIME_ZONE}\""
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ config:system:set log_type --value="file"'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ config:system:set logfile --value="/var/log/nextcloud.log"'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ config:system:set loglevel --value="2"'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ config:system:set logrotate_size --value="104847600"'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ config:system:set memcache.local --value="\OC\Memcache\APCu"'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ config:system:set redis host --value="/tmp/redis.sock"'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ config:system:set redis port --value=0 --type=integer'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ config:system:set memcache.locking --value="\OC\Memcache\Redis"'
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ config:system:set overwritehost --value=\"${!HOST_NAME}\""
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ config:system:set overwriteprotocol --value=\"https\""
if [ "$CERT_TYPE" == "NO_CERT" ]; then
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ config:system:set overwrite.cli.url --value=\"http://${!HOST_NAME}/\""
else
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ config:system:set overwrite.cli.url --value=\"https://${!HOST_NAME}/\""
fi
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ config:system:set htaccess.RewriteBase --value="/"'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ maintenance:update:htaccess'
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ config:system:set trusted_domains 1 --value=\"${!HOST_NAME}\""
iocage exec "${1}" su -m www -c "php /usr/local/www/nextcloud/occ config:system:set trusted_domains 2 --value=\"${JAIL_IP}\""
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ app:enable encryption'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ encryption:enable'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ encryption:disable'
iocage exec "${1}" su -m www -c 'php /usr/local/www/nextcloud/occ background:cron'
fi
iocage exec "${1}" touch /var/log/nextcloud.log
iocage exec "${1}" chown www /var/log/nextcloud.log
iocage exec "${1}" su -m www -c 'php -f /usr/local/www/nextcloud/cron.php'
iocage exec "${1}" crontab -u www /mnt/includes/www-crontab
# Don't need /mnt/includes any more, so unmount it
iocage fstab -r "${1}" "${INCLUDES_PATH}" /mnt/includes nullfs rw 0 0
# Done!
echo "Installation complete!"
if [ "$CERT_TYPE" == "NO_CERT" ]; then
echo "Using your web browser, go to http://${!HOST_NAME} to log in"
else
echo "Using your web browser, go to https://${!HOST_NAME} to log in"
fi
if [ "${REINSTALL}" == "true" ]; then
echo "You did a reinstall, please use your old database and account credentials"
else
echo "Default user is admin, password is ${ADMIN_PASSWORD}"
echo ""
echo "Database Information"
echo "--------------------"
echo "Database user = ${DB_USER}"
echo "Database password = ${!DB_PASSWORD}"
echo ""
echo "All passwords are saved in /root/${1}_db_password.txt"
fi
echo ""
if [ "$CERT_TYPE" == "STANDALONE_CERT" ] && [ "$CERT_TYPE" == "DNS_CERT" ]; then
echo "You have obtained your Let's Encrypt certificate using the staging server."
echo "This certificate will not be trusted by your browser and will cause SSL errors"
echo "when you connect. Once you've verified that everything else is working"
echo "correctly, you should issue a trusted certificate. To do this, run:"
echo "iocage exec ${1}/root/remove-staging.sh"
echo ""
elif [ "$CERT_TYPE" == "SELFSIGNED_CERT" ]; then
echo "You have chosen to create a self-signed TLS certificate for your Nextcloud"
echo "installation. This certificate will not be trusted by your browser and"
echo "will cause SSL errors when you connect. If you wish to replace this certificate"
echo "with one obtained elsewhere, the private key is located at:"
echo "/config/ssl/privkey.pem"
echo "The full chain (server + intermediate certificates together) is at:"
echo "/config/ssl/fullchain.pem"
echo ""
fi

View File

@ -0,0 +1,3 @@
blueprint:
organizr:
pkgs: nginx php72 php72-filter php72-curl php72-hash php72-json php72-openssl php72-pdo php72-pdo_sqlite php72-session php72-simplexml php72-sqlite3 php72-zip git

34
blueprints/organizr/install.sh Executable file
View File

@ -0,0 +1,34 @@
#!/usr/local/bin/bash
# This file contains the install script for Organizr
iocage exec "$1" sed -i '' -e 's?listen = 127.0.0.1:9000?listen = /var/run/php-fpm.sock?g' /usr/local/etc/php-fpm.d/www.conf
iocage exec "$1" sed -i '' -e 's/;listen.owner = www/listen.owner = www/g' /usr/local/etc/php-fpm.d/www.conf
iocage exec "$1" sed -i '' -e 's/;listen.group = www/listen.group = www/g' /usr/local/etc/php-fpm.d/www.conf
iocage exec "$1" sed -i '' -e 's/;listen.mode = 0660/listen.mode = 0600/g' /usr/local/etc/php-fpm.d/www.conf
iocage exec "$1" cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
iocage exec "$1" sed -i '' -e 's?;date.timezone =?date.timezone = "Universal"?g' /usr/local/etc/php.ini
iocage exec "$1" sed -i '' -e 's?;cgi.fix_pathinfo=1?cgi.fix_pathinfo=0?g' /usr/local/etc/php.ini
# shellcheck disable=SC2154
mv /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/nginx/nginx.conf /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/nginx/nginx.conf.bak
cp "${SCRIPT_DIR}"/blueprints/organizr/includes/nginx.conf /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/nginx/nginx.conf
cp -Rf "${SCRIPT_DIR}"/blueprints/organizr/includes/custom /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/nginx/custom
# shellcheck disable=SC2154
if [ ! -d "/mnt/${global_dataset_config}/$1/ssl" ]; then
echo "cert folder doesn't exist... creating..."
iocage exec "$1" mkdir /config/ssl
fi
if [ -f "/mnt/${global_dataset_config}/$1/ssl/Organizr-Cert.crt" ]; then
echo "certificate exists... Skipping cert generation"
else
echo "No ssl certificate present, generating self signed certificate"
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost" -keyout /mnt/"${global_dataset_config}"/"$1"/ssl/Organizr-Cert.key -out /mnt/"${global_dataset_config}"/"$1"/ssl/Organizr-Cert.crt
fi
iocage exec "$1" git clone https://github.com/causefx/Organizr.git /usr/local/www/Organizr
iocage exec "$1" chown -R www:www /usr/local/www /config /usr/local/etc/nginx/nginx.conf /usr/local/etc/nginx/custom
iocage exec "$1" ln -s /config/config.php /usr/local/www/Organizr/api/config/config.php
iocage exec "$1" sysrc nginx_enable=YES
iocage exec "$1" sysrc php_fpm_enable=YES
iocage exec "$1" service nginx start
iocage exec "$1" service php-fpm start

View File

12
blueprints/organizr/update.sh Executable file
View File

@ -0,0 +1,12 @@
#!/usr/local/bin/bash
# This file contains the update script for Organizr
iocage exec "$1" service nginx stop
iocage exec "$1" service php-fpm stop
# TODO setup cli update for Organizr here.
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/organizr/includes/nginx.conf /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/nginx/nginx.conf
iocage exec "$1" "cd /usr/local/www/Organizr && git pull"
iocage exec "$1" chown -R www:www /usr/local/www /config /usr/local/etc/nginx/nginx.conf /usr/local/etc/nginx/custom
iocage exec "$1" service nginx start
iocage exec "$1" service php-fpm start

View File

@ -0,0 +1,3 @@
blueprint:
plex:
pkgs: plexmediaserver

51
blueprints/plex/install.sh Executable file
View File

@ -0,0 +1,51 @@
#!/usr/local/bin/bash
# This file contains the install script for plex
iocage exec plex mkdir -p /usr/local/etc/pkg/repos
# Change to to more frequent FreeBSD repo to stay up-to-date with plex more.
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/plex/includes/FreeBSD.conf /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/pkg/repos/FreeBSD.conf
# Check if datasets for media librarys exist, create them if they do not.
# shellcheck disable=SC2154
createmount "$1" "${global_dataset_media}" /mnt/media
createmount "$1" "${global_dataset_media}"/movies /mnt/media/movies
createmount "$1" "${global_dataset_media}"/music /mnt/media/music
createmount "$1" "${global_dataset_media}"/shows /mnt/media/shows
# Create plex ramdisk if specified
# shellcheck disable=SC2154
if [ -z "${plex_ramdisk}" ]; then
echo "no ramdisk specified for plex, continuing without randisk"
else
iocage fstab -a "$1" tmpfs /tmp_transcode tmpfs rw,size="${plex_ramdisk}",mode=1777 0 0
fi
iocage exec "$1" chown -R plex:plex /config
# Force update pkg to get latest plex version
iocage exec "$1" pkg update
iocage exec "$1" pkg upgrade -y
# Add plex user to video group for future hw-encoding support
iocage exec "$1" pw groupmod -n video -m plex
# Run different install procedures depending on Plex vs Plex Beta
# shellcheck disable=SC2154
if [ "$plex_beta" == "true" ]; then
echo "beta enabled in config.yml... using plex beta for install"
iocage exec "$1" sysrc "plexmediaserver_plexpass_enable=YES"
iocage exec "$1" sysrc plexmediaserver_plexpass_support_path="/config"
iocage exec "$1" chown -R plex:plex /usr/local/share/plexmediaserver-plexpass/
iocage exec "$1" service plexmediaserver_plexpass restart
else
echo "beta disabled in config.yml... NOT using plex beta for install"
iocage exec "$1" sysrc "plexmediaserver_enable=YES"
iocage exec "$1" sysrc plexmediaserver_support_path="/config"
iocage exec "$1" chown -R plex:plex /usr/local/share/plexmediaserver/
iocage exec "$1" service plexmediaserver restart
fi
echo "Finished installing plex"

0
jails/plex/readme.md → blueprints/plex/readme.md Executable file → Normal file
View File

View File

@ -5,16 +5,16 @@
# shellcheck disable=SC2154
if [ "$plex_plexpass" == "true" ]; then
echo "beta enabled in config.yml... using plex beta for update..."
iocage exec plex service plexmediaserver_plexpass stop
iocage exec "$1" service plexmediaserver_plexpass stop
# Plex is updated using PKG already, this is mostly a placeholder
iocage exec plex chown -R plex:plex /usr/local/share/plexmediaserver-plexpass/
iocage exec plex service plexmediaserver_plexpass restart
iocage exec "$1" chown -R plex:plex /usr/local/share/plexmediaserver-plexpass/
iocage exec "$1" service plexmediaserver_plexpass restart
else
echo "beta disabled in config.yml... NOT using plex beta for update..."
iocage exec plex service plexmediaserver stop
iocage exec "$1" service plexmediaserver stop
# Plex is updated using PKG already, this is mostly a placeholder
iocage exec plex chown -R plex:plex /usr/local/share/plexmediaserver/
iocage exec plex service plexmediaserver restart
iocage exec "$1" chown -R plex:plex /usr/local/share/plexmediaserver/
iocage exec "$1" service plexmediaserver restart
fi

View File

@ -0,0 +1,3 @@
blueprint:
radarr:
pkgs: mono mediainfo sqlite3 libgdiplus

24
blueprints/radarr/install.sh Executable file
View File

@ -0,0 +1,24 @@
#!/usr/local/bin/bash
# This file contains the install script for radarr
# Check if dataset for completed download and it parent dataset exist, create if they do not.
# shellcheck disable=SC2154
createmount "$1" "${global_dataset_downloads}"
createmount "$1" "${global_dataset_downloads}"/complete /mnt/fetched
# Check if dataset for media library and the dataset for movies exist, create if they do not.
# shellcheck disable=SC2154
createmount "$1" "${global_dataset_media}"
createmount "$1" "${global_dataset_media}"/movies /mnt/movies
iocage exec "$1" "fetch https://github.com/Radarr/Radarr/releases/download/v0.2.0.1480/Radarr.develop.0.2.0.1480.linux.tar.gz -o /usr/local/share"
iocage exec "$1" "tar -xzvf /usr/local/share/Radarr.develop.0.2.0.1480.linux.tar.gz -C /usr/local/share"
iocage exec "$1" rm /usr/local/share/Radarr.develop.0.2.0.1480.linux.tar.gz
iocage exec "$1" "pw user add radarr -c radarr -u 352 -d /nonexistent -s /usr/bin/nologin"
iocage exec "$1" chown -R radarr:radarr /usr/local/share/Radarr /config
iocage exec "$1" mkdir /usr/local/etc/rc.d
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/radarr/includes/radarr.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/radarr
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/radarr
iocage exec "$1" sysrc "radarr_enable=YES"
iocage exec "$1" service radarr restart

0
jails/radarr/readme.md → blueprints/radarr/readme.md Executable file → Normal file
View File

10
blueprints/radarr/update.sh Executable file
View File

@ -0,0 +1,10 @@
#!/usr/local/bin/bash
# This file contains the update script for radarr
iocage exec "$1" service radarr stop
#TODO insert code to update radarr itself here
iocage exec "$1" chown -R radarr:radarr /usr/local/share/Radarr /config
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/radarr/includes/radarr.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/radarr
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/radarr
iocage exec "$1" service radarr restart

View File

@ -0,0 +1,3 @@
blueprint:
sonarr:
pkgs: mono mediainfo sqlite3

24
blueprints/sonarr/install.sh Executable file
View File

@ -0,0 +1,24 @@
#!/usr/local/bin/bash
# This file contains the install script for sonarr
# Check if dataset for completed download and it parent dataset exist, create if they do not.
# shellcheck disable=SC2154
createmount "$1" "${global_dataset_downloads}"
createmount "$1" "${global_dataset_downloads}"/complete /mnt/fetched
# Check if dataset for media library and the dataset for tv shows exist, create if they do not.
# shellcheck disable=SC2154
createmount "$1" "${global_dataset_media}"
createmount "$1" "${global_dataset_media}"/shows /mnt/shows
iocage exec "$1" "fetch http://download.sonarr.tv/v2/master/mono/NzbDrone.master.tar.gz -o /usr/local/share"
iocage exec "$1" "tar -xzvf /usr/local/share/NzbDrone.master.tar.gz -C /usr/local/share"
iocage exec "$1" rm /usr/local/share/NzbDrone.master.tar.gz
iocage exec "$1" "pw user add sonarr -c sonarr -u 351 -d /nonexistent -s /usr/bin/nologin"
iocage exec "$1" chown -R sonarr:sonarr /usr/local/share/NzbDrone /config
iocage exec "$1" mkdir /usr/local/etc/rc.d
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/sonarr/includes/sonarr.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/sonarr
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/sonarr
iocage exec "$1" sysrc "sonarr_enable=YES"
iocage exec "$1" service sonarr restart

0
jails/sonarr/readme.md → blueprints/sonarr/readme.md Executable file → Normal file
View File

10
blueprints/sonarr/update.sh Executable file
View File

@ -0,0 +1,10 @@
#!/usr/local/bin/bash
# This file contains the update script for sonarr
iocage exec "$1" service sonarr stop
#TODO insert code to update sonarr itself here
iocage exec "$1" chown -R sonarr:sonarr /usr/local/share/NzbDrone /config
# shellcheck disable=SC2154
cp "${SCRIPT_DIR}"/blueprints/sonarr/includes/sonarr.rc /mnt/"${global_dataset_iocage}"/jails/"$1"/root/usr/local/etc/rc.d/sonarr
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/sonarr
iocage exec "$1" service sonarr restart

View File

@ -0,0 +1,3 @@
blueprint:
tautulli:
pkgs: python2 py27-sqlite3 py27-openssl git

11
blueprints/tautulli/install.sh Executable file
View File

@ -0,0 +1,11 @@
#!/usr/local/bin/bash
# This file contains the install script for Tautulli
iocage exec "$1" git clone https://github.com/Tautulli/Tautulli.git /usr/local/share/Tautulli
iocage exec "$1" "pw user add tautulli -c tautulli -u 109 -d /nonexistent -s /usr/bin/nologin"
iocage exec "$1" chown -R tautulli:tautulli /usr/local/share/Tautulli /config
iocage exec "$1" cp /usr/local/share/Tautulli/init-scripts/init.freenas /usr/local/etc/rc.d/tautulli
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/tautulli
iocage exec "$1" sysrc "tautulli_enable=YES"
iocage exec "$1" sysrc "tautulli_flags=--datadir /config"
iocage exec "$1" service tautulli start

View File

9
blueprints/tautulli/update.sh Executable file
View File

@ -0,0 +1,9 @@
#!/usr/local/bin/bash
# This file contains the update script for Tautulli
iocage exec "$1" service tautulli stop
# Tautulli is updated through pkg, this is mostly just a placeholder
iocage exec "$1" chown -R tautulli:tautulli /usr/local/share/Tautulli /config
iocage exec "$1" cp /usr/local/share/Tautulli/init-scripts/init.freenas /usr/local/etc/rc.d/tautulli
iocage exec "$1" chmod u+x /usr/local/etc/rc.d/tautulli
iocage exec "$1" service tautulli restart

View File

@ -0,0 +1,3 @@
blueprint:
transmission:
pkgs: bash unzip unrar transmission

View File

@ -0,0 +1,19 @@
#!/usr/local/bin/bash
# This file contains the install script for transmission
# Check if dataset Downloads dataset exist, create if they do not.
# shellcheck disable=SC2154
createmount "$1" "${global_dataset_downloads}" /mnt/downloads
# Check if dataset Complete Downloads dataset exist, create if they do not.
createmount "$1" "${global_dataset_downloads}"/complete /mnt/downloads/complete
# Check if dataset InComplete Downloads dataset exist, create if they do not.
createmount "$1" "${global_dataset_downloads}"/incomplete /mnt/downloads/incomplete
iocage exec "$1" chown -R transmission:transmission /config
iocage exec "$1" sysrc "transmission_enable=YES"
iocage exec "$1" sysrc "transmission_conf_dir=/config"
iocage exec "$1" sysrc "transmission_download_dir=/mnt/downloads/complete"
iocage exec "$1" service transmission restart

View File

View File

@ -0,0 +1,7 @@
#!/usr/local/bin/bash
# This file contains the update script for transmission
iocage exec "$1" service transmission stop
# Transmision is updated during PKG update, this file is mostly just a placeholder
iocage exec "$1" chown -R transmission:transmission /config
iocage exec "$1" service transmission restart

View File

@ -0,0 +1,3 @@
blueprint:
unifi:
pkgs: jq unifi5

117
blueprints/unifi/install.sh Executable file
View File

@ -0,0 +1,117 @@
#!/usr/local/bin/bash
# This file contains the install script for unifi-controller & unifi-poller
# Initialize variables
# shellcheck disable=SC2154
JAIL_IP="jail_${1}_ip4_addr"
JAIL_IP="${!JAIL_IP%/*}"
# shellcheck disable=SC2154
DB_JAIL="jail_${1}_db_jail"
POLLER="jail_${1}_unifi_poller"
# shellcheck disable=SC2154
DB_IP="jail_${!DB_JAIL}_ip4_addr"
DB_IP="${!DB_IP%/*}"
# shellcheck disable=SC2154
DB_NAME="jail_${1}_up_db_name"
DB_NAME="${!DB_NAME:-$1}"
# shellcheck disable=SC2154
DB_USER="jail_${1}_up_db_user"
DB_USER="${!DB_USER:-$DB_NAME}"
# shellcheck disable=SC2154
DB_PASS="jail_${1}_up_db_password"
# shellcheck disable=SC2154
UP_USER="jail_${1}_up_user"
UP_USER="${!UP_USER:-$1}"
# shellcheck disable=SC2154
UP_PASS="jail_${1}_up_password"
INCLUDES_PATH="${SCRIPT_DIR}/blueprints/unifi/includes"
if [ -z "${!DB_PASSWORD}" ]; then
echo "up_db_password can't be empty"
exit 1
fi
if [ -z "${!DB_JAIL}" ]; then
echo "db_jail can't be empty"
exit 1
fi
if [ -z "${!UP_PASS}" ]; then
echo "up_password can't be empty"
exit 1
fi
# Enable persistent Unifi Controller data
iocage exec "${1}" mkdir -p /config/controller/mongodb
iocage exec "${1}" cp -Rp /usr/local/share/java/unifi /config/controller
iocage exec "${1}" chown -R mongodb:mongodb /config/controller/mongodb
# shellcheck disable=SC2154
cp "${INCLUDES_PATH}"/mongodb.conf /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc
# shellcheck disable=SC2154
cp "${INCLUDES_PATH}"/rc/mongod.rc /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.d/mongod
# shellcheck disable=SC2154
cp "${INCLUDES_PATH}"/rc/unifi.rc /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.d/unifi
iocage exec "${1}" sysrc unifi_enable=YES
iocage exec "${1}" service unifi start
# shellcheck disable=SC2154
if [[ ! "${!POLLER}" ]]; then
echo "Installation complete!"
echo "Unifi Controller is accessible at https://${JAIL_IP}:8443."
else
# Check if influxdb container exists, create unifi database if it does, error if it is not.
echo "Checking if the database jail and database exist..."
if [[ -d /mnt/"${global_dataset_iocage}"/jails/"${!DB_JAIL}" ]]; then
DB_EXISTING=$(iocage exec "${!DB_JAIL}" curl -G http://localhost:8086/query --data-urlencode 'q=SHOW DATABASES' | jq '.results [] | .series [] | .values []' | grep "$DB_NAME" | sed 's/"//g' | sed 's/^ *//g')
if [[ "$DB_NAME" == "$DB_EXISTING" ]]; then
echo "${!DB_JAIL} jail with database ${DB_NAME} already exists. Skipping database creation... "
else
echo "${!DB_JAIL} jail exists, but database ${DB_NAME} does not. Creating database ${DB_NAME}."
if [[ -z "${DB_USER}" ]] || [[ -z "${!DB_PASS}" ]]; then
echo "Database username and password not provided. Cannot create database without credentials. Exiting..."
exit 1
else
iocage exec "${!DB_JAIL}" "curl -XPOST -u ${DB_USER}:${!DB_PASS} http://localhost:8086/query --data-urlencode 'q=CREATE DATABASE ${DB_NAME}'"
echo "Database ${DB_NAME} created with username ${DB_USER} with password ${!DB_PASS}."
fi
fi
else
echo "Influxdb jail does not exist. Unifi-Poller requires Influxdb jail. Please install the Influxdb jail."
exit 1
fi
# Download and install Unifi-Poller
FILE_NAME=$(curl -s https://api.github.com/repos/unifi-poller/unifi-poller/releases/latest | jq -r ".assets[] | select(.name | contains(\"amd64.txz\")) | .name")
DOWNLOAD=$(curl -s https://api.github.com/repos/unifi-poller/unifi-poller/releases/latest | jq -r ".assets[] | select(.name | contains(\"amd64.txz\")) | .browser_download_url")
iocage exec "${1}" fetch -o /config "${DOWNLOAD}"
# Install downloaded Unifi-Poller package, configure and enable
iocage exec "${1}" pkg install -qy /config/"${FILE_NAME}"
# shellcheck disable=SC2154
cp "${INCLUDES_PATH}"/up.conf /mnt/"${global_dataset_config}"/"${1}"
# shellcheck disable=SC2154
cp "${INCLUDES_PATH}"/rc/unifi_poller.rc /mnt/"${global_dataset_iocage}"/jails/"${1}"/root/usr/local/etc/rc.d/unifi_poller
iocage exec "${1}" sed -i '' "s|influxdbuser|${DB_USER}|" /config/up.conf
iocage exec "${1}" sed -i '' "s|influxdbpass|${!DB_PASS}|" /config/up.conf
iocage exec "${1}" sed -i '' "s|unifidb|${DB_NAME}|" /config/up.conf
iocage exec "${1}" sed -i '' "s|unifiuser|${UP_USER}|" /config/up.conf
iocage exec "${1}" sed -i '' "s|unifipassword|${!UP_PASS}|" /config/up.conf
iocage exec "${1}" sed -i '' "s|dbip|http://${DB_IP}:8086|" /config/up.conf
iocage exec "${1}" sysrc unifi_poller_enable=YES
iocage exec "${1}" service unifi_poller start
echo "Installation complete!"
echo "Unifi Controller is accessible at https://${JAIL_IP}:8443."
echo "Please login to the Unifi Controller and add ${UP_USER} as a read-only user."
echo "In Grafana, add Unifi-Poller as a data source."
fi

11
jails/unifi/update.sh → blueprints/unifi/update.sh Normal file → Executable file
View File

@ -2,21 +2,20 @@
# This file contains the update script for unifi
# Unifi Controller is updated through pkg, Unifi-Poller is not. This script updates Unifi-Poller
JAIL_NAME="unifi"
FILE_NAME=$(curl -s https://api.github.com/repos/unifi-poller/unifi-poller/releases/latest | jq -r ".assets[] | select(.name | contains(\"amd64.txz\")) | .name")
DOWNLOAD=$(curl -s https://api.github.com/repos/unifi-poller/unifi-poller/releases/latest | jq -r ".assets[] | select(.name | contains(\"amd64.txz\")) | .browser_download_url")
# Check to see if there is an update.
# shellcheck disable=SC2154
if [[ -f /mnt/"${global_dataset_config}"/"${JAIL_NAME}"/"${FILE_NAME}" ]]; then
if [[ -f /mnt/"${global_dataset_config}"/"${1}"/"${FILE_NAME}" ]]; then
echo "Unifi-Poller is up to date."
exit 1
else
# Download and install the package
iocage exec "${JAIL_NAME}" fetch -o /config "${DOWNLOAD}"
iocage exec "${JAIL_NAME}" pkg install -qy /config/"${FILE_NAME}"
iocage exec "${JAIL_NAME}" service unifi restart
iocage exec "${JAIL_NAME}" service unifi_poller restart
iocage exec "${1}" fetch -o /config "${DOWNLOAD}"
iocage exec "${1}" pkg install -qy /config/"${FILE_NAME}"
iocage exec "${1}" service unifi restart
iocage exec "${1}" service unifi_poller restart
fi
echo "Update complete!"

View File

@ -1,4 +1,6 @@
global:
# Config file syntax version (not same as script version)
version: 1.2
# Relevant dataset paths, please use the ZFS dataset syntax such as: tank/apps
dataset:
# dataset for internal jail config files
@ -15,100 +17,89 @@ global:
# Please use standard space delimited pkg install syntax.
pkgs: curl ca_root_nss bash
jail:
plex:
blueprint: plex
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
beta: false
# Example configuration, showing how to customise network config.
# Use the same jailname on both sides of this variable example: example
example: example
#interfaces is optional and will be autmatically replace with vnet0:bridge0 if not present
interfaces: vnet0:bridge0
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
# Jail specific pkgs.
# Please use standard space delimited pkg install syntax.
pkgs: mono
lidarr:
blueprint: lidarr
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
plex: plex
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
beta: false
sonarr:
blueprint: sonarr
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
lidarr: lidarr
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
radarr:
blueprint: radarr
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
sonarr: sonarr
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
kms:
blueprint: kms
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
radarr: radarr
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
jackett:
blueprint: jackett
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
kms: kms
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
organizr:
blueprint: organizr
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
jackett: jackett
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
tautulli:
blueprint: tautulli
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
organizr: organizr
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
tautulli: tautulli
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
transmission: transmission
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
transmission:
blueprint: transmission
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
nextcloud: nextcloud
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
time_zone: Europe/Amsterdam
host_name: cloud.example.com
database: mariadb
standalone_cert: 0
selfsigned_cert: 0
dns_cert: 0
no_cert: 1
dl_flags: ""
dns_settings: ""
cert_email: "placeholder@holdplace.org"
database: mariadb
# db_database:
# db_user:
# db_password
# db_host
nextcloud:
blueprint: nextcloud
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
time_zone: Europe/Amsterdam
host_name: cloud.example.com
db_jail: "mariadb"
admin_password: "PUTYOUROWNADMINPASSWORDHERE"
db_password: "PLEASEALSOPUTYOURPASSWORDHEREADIFFERNTONE"
mariadb: mariadb
ip4_addr: 192.168.1.98/24
gateway: 192.168.1.1
db_root_password: ReplaceThisWithYourOwnRootPAssword
host_name: mariadb.local.example
mariadb:
blueprint: mariadb
ip4_addr: 192.168.1.98/24
gateway: 192.168.1.1
db_root_password: ReplaceThisWithYourOwnRootPAssword
host_name: mariadb.local.example
bitwarden: bitwarden
ip4_addr: 192.168.1.97/24
gateway: 192.168.1.1
db_password: "YourDBPasswordHerePLEASE"
type: mariadb
admin_token: "PUTYOURADMINTOKENHEREANDREMOVETHIS"
bitwarden:
blueprint: bitwarden
ip4_addr: 192.168.1.97/24
gateway: 192.168.1.1
db_jail: "mariadb"
db_password: "YourDBPasswordHerePLEASE"
admin_token: "PUTYOURADMINTOKENHEREANDREMOVETHIS"
influxdb: influxdb
ip4_addr: 192.168.1.250/24
gateway: 192.168.1.1
database: influxdb
influxdb:
blueprint: influxdb
ip4_addr: 192.168.1.250/24
gateway: 192.168.1.1
unifi: unifi
ip4_addr: 192.168.1.251/24
gateway: 192.168.1.1
unifi_poller: true
db_jail: influxdb
up_db_name: unifi
up_db_user: unifi-poller
up_db_password: unifi-poller
up_user: upoller
up_password: upoller
unifi:
blueprint: unifi
ip4_addr: 192.168.1.251/24
gateway: 192.168.1.1
unifi_poller: true
db_jail: influxdb
up_db_password: unifi-poller
up_password: upoller

View File

@ -43,12 +43,12 @@ fi
jailcreate() {
echo "Checking config..."
jailname="${1}"
jailpkgs="${1}_pkgs"
jailinterfaces="${1}_interfaces"
jailip4="${1}_ip4_addr"
jailgateway="${1}_gateway"
jaildhcp="${1}_dhcp"
blueprintpkgs="blueprint_${2}_pkgs"
blueprintports="blueprint_${2}_ports"
jailinterfaces="jail_${1}_interfaces"
jailip4="jail_${1}_ip4_addr"
jailgateway="jail_${1}_gateway"
jaildhcp="jail_${1}_dhcp"
setdhcp=${!jaildhcp}
if [ -z "${!jailinterfaces}" ]; then
@ -62,49 +62,47 @@ if [ -z "${setdhcp}" ] && [ -z "${!jailip4}" ] && [ -z "${!jailgateway}" ]; then
setdhcp="on"
fi
if [ -z "${!jailname}" ]; then
echo "ERROR, jail not defined in config.yml"
exit 1
else
echo "Creating jail for $1"
echo "Creating jail for $1"
# shellcheck disable=SC2154
pkgs="$(sed 's/[^[:space:]]\{1,\}/"&"/g;s/ /,/g' <<<"${global_jails_pkgs} ${!blueprintpkgs}")"
echo '{"pkgs":['"${pkgs}"']}' > /tmp/pkg.json
if [ "${setdhcp}" == "on" ]
then
# shellcheck disable=SC2154
pkgs="$(sed 's/[^[:space:]]\{1,\}/"&"/g;s/ /,/g' <<<"${global_jails_pkgs} ${!jailpkgs}")"
echo '{"pkgs":['"${pkgs}"']}' > /tmp/pkg.json
if [ "${setdhcp}" == "on" ]
if ! iocage create -n "${1}" -p /tmp/pkg.json -r "${global_jails_version}" interfaces="${jailinterfaces}" dhcp="on" vnet="on" allow_raw_sockets="1" boot="on" -b
then
# shellcheck disable=SC2154
if ! iocage create -n "${1}" -p /tmp/pkg.json -r "${global_jails_version}" interfaces="${jailinterfaces}" dhcp="on" vnet="on" allow_raw_sockets="1" boot="on" -b
then
echo "Failed to create jail"
exit 1
fi
else
# shellcheck disable=SC2154
if ! iocage create -n "${1}" -p /tmp/pkg.json -r "${global_jails_version}" interfaces="${jailinterfaces}" ip4_addr="vnet0|${!jailip4}" defaultrouter="${!jailgateway}" vnet="on" allow_raw_sockets="1" boot="on" -b
then
echo "Failed to create jail"
exit 1
fi
echo "Failed to create jail"
exit 1
fi
rm /tmp/pkg.json
echo "creating jail config directory"
else
# shellcheck disable=SC2154
createmount "${1}" "${global_dataset_config}"
createmount "${1}" "${global_dataset_config}"/"${1}" /config
# Create and Mount portsnap
echo "Mounting and fetching ports"
createmount "${1}" "${global_dataset_config}"/portsnap
createmount "${1}" "${global_dataset_config}"/portsnap/db /var/db/portsnap
createmount "${1}" "${global_dataset_config}"/portsnap/ports /usr/ports
iocage exec "${1}" "if [ -z /usr/ports ]; then portsnap fetch extract; else portsnap auto; fi"
echo "Jail creation completed for ${1}"
if ! iocage create -n "${1}" -p /tmp/pkg.json -r "${global_jails_version}" interfaces="${jailinterfaces}" ip4_addr="vnet0|${!jailip4}" defaultrouter="${!jailgateway}" vnet="on" allow_raw_sockets="1" boot="on" -b
then
echo "Failed to create jail"
exit 1
fi
fi
rm /tmp/pkg.json
echo "creating jail config directory"
# shellcheck disable=SC2154
createmount "${1}" "${global_dataset_config}"
createmount "${1}" "${global_dataset_config}"/"${1}" /config
# Create and Mount portsnap
createmount "${1}" "${global_dataset_config}"/portsnap
createmount "${1}" "${global_dataset_config}"/portsnap/db /var/db/portsnap
createmount "${1}" "${global_dataset_config}"/portsnap/ports /usr/ports
if [ "${!blueprintports}" == "true" ]
then
echo "Mounting and fetching ports"
iocage exec "${1}" "if [ -z /usr/ports ]; then portsnap fetch extract; else portsnap auto; fi"
else
echo "Ports not enabled for blueprint, skipping"
fi
echo "Jail creation completed for ${1}"
}
# $1 = jail name

Some files were not shown because too many files have changed in this diff Show More