Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/debian/scripts/koha-list
Mirko Tietgen 2f634f2862 Bug 15303 Letsencrypt option for Debian package installations 
New option koha-create --letsencrypt

- installs the letsencrypt package if needed
- creates <instance>
- generates letsencrypt certificates for <instance>
- sets up a https-only website for <instance>
- redirects http to https for <instance>

! you need to enable jessie backports to install letsencrypt: add
deb http://http.debian.net/debian jessie-backports main contrib non-free
to your /etc/apt/sources.list

! this patch uses the letsencrypt staging server
to create real certificates, apply thy "LE production server" patch

Test plan:
- build a debian package with patch applied
- use apache mod_ssl
  sudo a2enmod ssl
- make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet
- install koha with your new package
- Put your (existing) domain options in /etc/koha/koha-sites.conf
- use koha-create with the new options:
  sudo koha-create --create-db --letsencrypt <instance>
- if you do not have the letsencrypt package installed, you will be prompted to do that
  [
    if there is no package available, a symlink to the git checkout will work:

    on your test server, get letsencrypt via git
    git clone https://github.com/letsencrypt/letsencrypt

    create a symlink from /usr/bin/letsencrypt to letsencrypt-auto
    sudo ln -s /path/to/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt
  ]

- wait until setup is finished, check that you got a working OPAC and staff client with certificates
- check that http redirects to https

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-04-29 13:04:31 +00:00

268 lines
6.8 KiB
Bash
Executable file
Raw Blame History

#!/bin/sh
#
# koha-list -- List all Koha instances.
# Copyright 2010 Catalyst IT, Ltd
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
set -e
# include helper functions
if [ -f "/usr/share/koha/bin/koha-functions.sh" ]; then
. "/usr/share/koha/bin/koha-functions.sh"
else
echo "Error: /usr/share/koha/bin/koha-functions.sh not present." 1>&2
exit 1
fi
show_instances()
{
local show=$1
local show_email=$2
local show_sip=$3
for instance in $( get_instances ); do
case $show in
"all")
if instance_filter_email $instance $show_email && \
instance_filter_letsencrypt $instance $show_letsencrypt && \
instance_filter_plack $instance $show_plack && \
instance_filter_sip $instance $show_sip; then
echo $instance
fi ;;
"enabled")
if is_enabled $instance; then
if instance_filter_email $instance $show_email && \
instance_filter_letsencrypt $instance $show_letsencrypt && \
instance_filter_plack $instance $show_plack && \
instance_filter_sip $instance $show_sip; then
echo $instance
fi
fi ;;
"disabled")
if ! is_enabled $instance; then
if instance_filter_email $instance $show_email && \
instance_filter_letsencrypt $instance $show_letsencrypt && \
instance_filter_plack $instance $show_plack && \
instance_filter_sip $instance $show_sip; then
echo $instance
fi
fi ;;
esac
done
}
instance_filter_sip()
{
local instancename=$1
local show_sip=$2;
case $show_sip in
"all")
return 0 ;;
"enabled")
if is_sip_enabled $instancename; then
return 0
fi ;;
"disabled")
if ! is_sip_enabled $instancename; then
return 0
fi ;;
esac
# Didn't match any criteria
return 1
}
instance_filter_plack()
{
local instancename=$1
local show_plack=$2;
case $show_plack in
"all")
return 0 ;;
"enabled")
if is_plack_enabled $instancename; then
return 0
fi ;;
"disabled")
if ! is_plack_enabled $instancename; then
return 0
fi ;;
esac
# Didn't match any criteria
return 1
}
instance_filter_letsencrypt()
{
local instancename=$1
local show_letsencrypt=$2;
case $show_letsencrypt in
"all")
return 0 ;;
"enabled")
if is_letsencrypt_enabled $instancename; then
return 0
fi ;;
"disabled")
if ! is_letsencrypt_enabled $instancename; then
return 0
fi ;;
esac
# Didn't match any criteria
return 1
}
instance_filter_email()
{
local instancename=$1
local show_email=$2;
case $show_email in
"all")
return 0 ;;
"enabled")
if is_email_enabled $instancename; then
return 0
fi ;;
"disabled")
if ! is_email_enabled $instancename; then
return 0
fi ;;
esac
# Didn't match any criteria
return 1
}
set_show()
{
local show_param=$1
if [ "$show" = "all" ]; then
show=$show_param
else
die "Error: --enabled and --disabled are mutually exclusive."
fi
}
set_show_email()
{
local email_param=$1
if [ "$show_email" = "all" ]; then
show_email=$email_param
else
die "Error: --email and --noemail are mutually exclusive."
fi
}
set_show_letsencrypt()
{
local letsencrypt_param=$1
if [ "$show_letsencrypt" = "all" ]; then
show_letsencrypt=$letsencrypt_param
else
die "Error: --letsencrypt and --noletsencrypt are mutually exclusive."
fi
}
set_show_plack()
{
local plack_param=$1
if [ "$show_plack" = "all" ]; then
show_plack=$plack_param
else
die "Error: --plack and --noplack are mutually exclusive."
fi
}
set_show_sip()
{
local sip_param=$1
if [ "$show_sip" = "all" ]; then
show_sip=$sip_param
else
die "Error: --sip and --nosip are mutually exclusive."
fi
}
usage()
{
local scriptname=$0
cat <<EOH
Lists Koha instances, optionally only those that are enabled or have
email turned on.
Usage: $scriptname [--enabled|--disabled] [--email|--noemail] [--sip|--nosip] [-h]
Options:
--enabled Show enabled instances
--disabled Show disabled instances
--email Show instances with email enabled
--noemail Show instances with email disabled
--sip Show instances with SIP enabled
--nosip Show instances with SIP disabled
--plack Show instances with Plack enabled
--noplack Show instances with Plack disabled
--letsencrypt Show instances with letsencrypt enabled
--noletsencrypt Show instances with letsencrypt disabled
--help | -h Show this help
The filtering options can be combined, and you probably want to do this
(except --email and --noemail, or --enabled and --disabled, that's just silly.)
EOH
}
show="all"
show_email="all"
show_sip="all"
show_plack="all"
show_letsencrypt="all"
args=$(getopt -l help,enabled,disabled,email,noemail,sip,nosip,plack,noplack,letsencrypt,noletsencrypt -o h -n $0 -- "$@")
set -- $args
while [ ! -z "$1" ]
do
case "$1" in
-h|--help) usage; exit;;
--email) set_show_email "enabled" ;;
--noemail) set_show_email "disabled" ;;
--sip) set_show_sip "enabled" ;;
--nosip) set_show_sip "disabled" ;;
--plack) set_show_plack "enabled" ;;
--noplack) set_show_plack "disabled" ;;
--letsencrypt) set_show_letsencrypt "enabled" ;;
--noletsencrypt) set_show_letsencrypt "disabled" ;;
--enabled) set_show "enabled" ;;
--disabled) set_show "disabled" ;;
*) break;;
esac
shift
done
show_instances $show $show_email $show_sip
exit 0
View git blame Copy permalink