Home Explore Help
Sign In
Troglodyne
/
tCMS
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 8214a9646f
Branches Tags
tCMS
/
Makefile

Makefile 5.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113 
  1. SHELL := /bin/bash
    2. 

  2. 

  3. .PHONY: depend
    4. 

  4. depend:
    5. 

  5. 	[ -f "/etc/debian_version" ] && make prereq-debs; /bin/true;
    6. 

  6. 	make prereq-perl prereq-frontend
    7. 

  7. 

  8. .PHONY: install
    9. 

  9. install:
    10. 

  10. 	test -d www/themes || mkdir -p www/themes
    11. 

  11. 	test -d data/files || mkdir -p data/files
    12. 

  12. 	test -d www/assets || mkdir -p www/assets
    13. 

  13. 	test -d www/statics || mkdir -p www/statics
    14. 

  14. 	test -d totp/ || mkdir -p totp
    15. 

  15. 	test -d ~/.tcms || mkdir ~/.tcms
    16. 

  16. 	test -d /var/log && mkdir /var/log/www; /bin/true
    17. 

  17. 	$(RM) pod2htmd.tmp;
    18. 

  18. 

  19. .PHONY: install-service
    20. 

  20. install-service:
    21. 

  21. 	mkdir -p ~/.config/systemd/user
    22. 

  22. 	cp service-files/systemd.unit ~/.config/systemd/user/tCMS.service
    23. 

  23. 	sed -ie 's#__REPLACEME__#$(shell pwd)#g' ~/.config/systemd/user/tCMS.service
    24. 

  24. 	sed -ie 's#__PORT__#$(PORT)#g' ~/.config/systemd/user/tCMS.service
    25. 

  25. 	systemctl --user daemon-reload
    26. 

  26. 	systemctl --user enable tCMS
    27. 

  27. 	systemctl --user start tCMS
    28. 

  28. 	loginctl enable-linger $(USER)
    29. 

  29. 

  30. .PHONY: prereq-debian
    31. 

  31. prereq-debian: prereq-debs prereq-perl prereq-frontend prereq-node
    32. 

  32. 

  33. .PHONY: prereq-debs
    34. 

  34. prereq-debs:
    35. 

  35. 	sudo apt-get update
    36. 

  36. 	sudo apt-get install -y sqlite3 nodejs npm libsqlite3-dev libdbd-sqlite3-perl cpanminus starman libxml2 curl         \
    37. 

  37. 		uwsgi uwsgi-plugin-psgi fail2ban nginx certbot postfix dovecot-imapd dovecot-pop3d postgrey spamassassin amavis clamav\
    38. 

  38. 	    libtext-xslate-perl libplack-perl libconfig-tiny-perl libdatetime-format-http-perl libjson-maybexs-perl          \
    39. 

  39. 	    libuuid-tiny-perl libcapture-tiny-perl libconfig-simple-perl libdbi-perl libfile-slurper-perl libfile-touch-perl \
    40. 

  40. 	    libfile-copy-recursive-perl libxml-rss-perl libmodule-install-perl libio-string-perl uuid-dev                    \
    41. 

  41. 	    libmoose-perl libmoosex-types-datetime-perl libxml-libxml-perl liblist-moreutils-perl libclone-perl libpath-tiny-perl
    42. 

  42. 

  43. .PHONY: prereq-perl
    44. 

  44. prereq-perl:
    45. 

  45. 	sudo cpanm -n --installdeps .
    46. 

  46. 

  47. .PHONY: prereq-node
    48. 

  48. prereq-node:
    49. 

  49. 	npm i
    50. 

  50. 

  51. .PHONY: prereq-frontend
    52. 

  52. prereq-frontend:
    53. 

  53. 	mkdir -p www/scripts; pushd www/scripts && curl -L --remote-name-all                                 \
    54. 

  54. 		"https://raw.githubusercontent.com/chalda-pnuzig/emojis.json/master/dist/list.min.json"     \
    55. 

  55. 		"https://raw.githubusercontent.com/highlightjs/cdn-release/main/build/highlight.min.js"; popd
    56. 

  56. 	mkdir -p www/styles; cd www/styles && curl -L --remote-name-all \
    57. 

  57. 		"https://raw.githubusercontent.com/highlightjs/cdn-release/main/build/styles/obsidian.min.css"
    58. 

  58. 

  59. .PHONY: reset
    60. 

  60. reset: reset-remove install
    61. 

  61. 

  62. .PHONY: reset-remove
    63. 

  63. reset-remove:
    64. 

  64. 	rm -rf data; /bin/true
    65. 

  65. 	rm -rf www/themes; /bin/true
    66. 

  66. 	rm -rf www/assets; /bin/true
    67. 

  67. 	rm config/auth.db; /bin/true
    68. 

  68. 	rm config/main.cfg; /bin/true
    69. 

  69. 	rm config/has_users; /bin/true
    70. 

  70. 	rm config/setup; /bin/true
    71. 

  71. 

  72. .PHONY: fail2ban
    73. 

  73. fail2ban:
    74. 

  74. 	sudo ln -sr fail2ban/tcms-jail.conf   /etc/fail2ban/jail.d/tcms.conf
    75. 

  75. 	sudo ln -sr fail2ban/tcms-filter.conf /etc/fail2ban/filter.d/tcms.conf
    76. 

  76. 	sudo systemctl reload fail2ban
    77. 

  77. 

  78. .PHONY: nginx
    79. 

  79. nginx:
    80. 

  80. 	[ -n "$$SERVER_NAME" ] || ( echo "Please set the SERVER_NAME environment variable before running (e.g. test.test)" && /bin/false )
    81. 

  81. 	[ -n "$$SERVER_PORT" ] || ( echo "Please set the SERVER_PORT environment variable before running (e.g. 5000)" && /bin/false )
    82. 

  82. 	sed 's/\%SERVER_NAME\%/$(SERVER_NAME)/g' nginx/tcms.conf.tmpl > nginx/tcms.conf.intermediate
    83. 

  83. 	sed 's/\%SERVER_PORT\%/$(SERVER_PORT)/g' nginx/tcms.conf.intermediate > nginx/tcms.conf
    84. 

  84. 	rm nginx/tcms.conf.intermediate
    85. 

  85. 	sudo mkdir -p '/var/www/$(SERVER_NAME)'
    86. 

  86. 	sudo mkdir -p '/var/www/mail.$(SERVER_NAME)'
    87. 

  87. 	sudo mkdir -p '/etc/letsencrypt/live/$(SERVER_NAME)'
    88. 

  88. 	[ -e "/etc/nginx/sites-enabled/$$SERVER_NAME.conf" ] && sudo rm "/etc/nginx/sites-enabled/$$SERVER_NAME.conf"
    89. 

  89. 	sudo ln -sr nginx/tcms.conf '/etc/nginx/sites-enabled/$(SERVER_NAME).conf'
    90. 

  90. 	# Make a self-signed cert FIRST, because certbot has a chicken/egg problem
    91. 

  91. 	sudo openssl req -x509 -config etc/openssl.conf -nodes -newkey rsa:4096 -subj '/CN=$(SERVER_NAME)' -addext 'subjectAltName=DNS:www.$(SERVER_NAME),DNS:mail.$(SERVER_NAME)' -keyout '/etc/letsencrypt/live/$(SERVER_NAME)/privkey.pem' -out '/etc/letsencrypt/live/$(SERVER_NAME)/fullchain.pem' -days 365
    92. 

  92. 	sudo systemctl reload nginx
    93. 

  93. 	# Now run certbot and get that http dcv. We have to do a "gamer move" so that certbot doesn't complain about live dir existing.
    94. 

  94. 	sudo rm -rf '/etc/letsencrypt/live/$(SERVER_NAME)'
    95. 

  95. 	sudo certbot certonly --webroot -w '/var/www/$(SERVER_NAME)/' -d '$(SERVER_NAME)' -d 'www.$(SERVER_NAME)' -w '/var/www/mail.$(SERVER_NAME)' -d 'mail.$(SERVER_NAME)'
    96. 

  96. 	sudo systemctl reload nginx
    97. 

  97. 

  98. .PHONY: mail
    99. 

  99. mail: nginx
    100. 

  100. 	# Dovecot
    101. 

  101. 	sudo cp /etc/dovecot/conf.d/10-ssl.conf /etc/dovecot/conf.d/10-ssl.conf.orig
    102. 

  102. 	sudo sed -i 's/^\(ssl_cert\s*=\).*/\1<\/etc\/letsencrypt\/live\/$(SERVER_NAME)\/fullchain.pem/g' /etc/dovecot/conf.d/10-ssl.conf
    103. 

  103. 	sudo sed -i 's/^\(ssl_key\s*=\).*/\1\<\/etc\/letsencrypt\/live\/$(SERVER_NAME)\/privkey.pem/g' /etc/dovecot/conf.d/10-ssl.conf
    104. 

  104. 	# Postfix
    105. 

  105. 	sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.orig
    106. 

  106. 	sudo sed -i 's/^\(smtpd_tls_cert_file\s*=\).*/\1\/etc\/letsencrypt\/live\/$(SERVER_NAME)\/fullchain.pem/g' /etc/postfix/main.cf
    107. 

  107. 	sudo sed -i 's/^\(smtpd_tls_key_file\s*=\).*/\1\/etc\/letsencrypt\/live\/$(SERVER_NAME)\/privkey.pem/g' /etc/postfix/main.cf
    108. 

  108. 	sudo sed -i 's/^\(myhostname\s*=\).*/\1$(SERVER_NAME)/g' /etc/postfix/main.cf
    109. 

  109. 	sudo echo '$(SERVER_NAME)' > /etc/mailname
    110. 

  110. 	# TODO everything else
    111. 

  111. 

  112. .PHONY: all
    113. 

  113. all: prereq-debian install fail2ban mail
    114.