source: genapp/sbin/install.pl @ 1464

Last change on this file since 1464 was 1464, checked in by ehb, 4 years ago

noindicies for centos 6, 7, redhat 7, scientific linux 7

File size: 36.3 KB
Line 
1#!/usr/bin/perl
2
3my $gb   = $ENV{ "GENAPP" } || die "$0: environment variable GENAPP must be set\n";
4
5print "perl version is $]\n" if $debug;
6print "command is: $0 @ARGV\n" if $debug;
7
8if ( $] < 5.018 ) {
9    if ( -e "$gb/perl/bin/perl" ) {
10        $pv =`$gb/perl/bin/perl -e 'print \$];'`;
11        if ( $pv >= 5.018 ) {
12            print "will run new version\n" if $debug;
13            unshift @ARGV, $0;
14            exec( "$gb/perl/bin/perl", @ARGV );
15        } else {
16            die "$gb/perl/bin/perl exists, but not a correct version of perl (needs a minimum of 5.18)\n";
17        }
18    } else {
19        die "you need to install a version of perl >= 5.18 in $gb/perl\n
20there is a script $gb/sbin/install-perl-stable to do this";
21    }
22}
23
24# configuration
25
26my $appbase = "/opt/genapp";
27
28# uncomment for debugguing
29# $debug++;
30
31# end configuration
32
33use JSON -support_by_pp;
34
35my $home = $ENV{ "HOME" } || die "$0: environment variable HOME must be set\n";
36
37$sorry = "------------------------------------------------------------
38We are sorry that your operating system / release is not currently supported.
39Please let us know your requirements and we can likely provide an install script to work with your system.
40You can subscribe to the mailing list http://biochem.uthscsa.edu/mailman/listinfo/genapp-devel
41and then send your questions to genapp-devel\@biochem.uthscsa.edu
42------------------------------------------------------------
43";
44
45# utility subs
46
47sub runcmd {
48    my $cmd = $_[0];
49    my $out;
50    print "running shell command:\n--------\n$cmd\n--------\n" if $debug;
51    open my $fh, "$cmd |";
52    while ( <$fh> ) {
53        $out .= $_;
54        print;
55    }
56    close $fh;
57    die "$0: command $cmd failed\n" if $?;
58    $out;
59}
60
61sub runcmdsb {
62    my $cmd = $_[0];
63    $cmd =~ s/"/\\\"/g;
64    $cmd = "sudo bash -c \"$cmd\"";
65    print "sd cmd is <$cmd>\n";
66    runcmd( $cmd );
67}
68
69sub add_to_phpini {
70    my $phpfile = shift;
71
72    die "$0: $phpfile does not exist\n" if !-e $phpfile;
73    die "$0: $phpfile is not readable\n" if !-r $phpfile;
74
75    open my $fh, $phpfile || die "$0: error reading $phpfile\n";
76    my @phpini = <$fh>;
77    close $fh;
78
79    my @phpext = grep ( /extension\s*=/, @phpini );
80    @phpext = grep ( !/\s*;/, @phpext );
81    @phpext = grep ( s/^\s*extension\s*=\s*//, @phpext );
82    @phpext = grep ( s/^\s*//g, @phpext );
83    @phpext = grep ( s/\.so//, @phpext );
84    grep chomp, @phpext;
85
86    my %hasext;
87    foreach my $i ( @phpext ) {
88        $hasext{ $i }++;
89    }
90
91    my $add;
92    foreach my $check ( @_ ) {
93        if ( !$hasext{ $check } ) {
94            $add .= "; Enable $check extension module\nextension=${check}.so\n";
95        }
96    }
97    my $cmd;
98    if ( $add ) {
99        $cmd = "cat <<_EOF >> $phpfile\n${add}_EOF\n";
100    }
101    return $cmd;
102}
103
104# get system configuration information
105my $cfgjson = {};
106my $cfgjsonf = "$gb/etc/config.json";
107my $cfgjsonnotes = '-'x80 . "\n
108$cfgjsonf contains global system information.
109this is used to setup individual applications values.
110to build a default config.json file
111$gb/sbin/setconfig.pl -pj
112and verify the information is correct.
113NB: if the machine is not publically exposed, you probably want to change the hostip and hostname, as it will likely report the public ip of your firewall.
114    You can get a full set of options listed by running $gb/sbin/setconfig.pl -h
115    If you know the ethernet interface to run on, $gb/sbin/setconfig.pl -if network-interface-id can be helpful
116    The -f option will force the changes to a previously set $cfgjsonf file
117    The full options are listed by $gb/sbin/setconfig.pl -h
118    You can also manually edit $cfgjsonf
119
120Once you are satisified that the setting are correct
121you can rerun $gb/sbin/install
122" . '-'x80 . "\n"
123;
124
125# get config info
126
127{
128    my $f = $cfgjsonf;
129    if ( -e $f ) {
130        print "reading $f\n";
131        open my $fh, $f || die "$0: can not open $f\n";
132        my @ol = <$fh>;
133        close $fh;
134        my @l = grep !/^\s*#/ , @ol;
135            my $l = join '', @l;
136        eval {
137            $cfgjson = decode_json( $l );
138            1;
139        } || do {
140            my $e = $@;
141           
142            # figure out line #
143
144            my ( $cp ) = $e =~ /at character offset (\d+) /;
145            my $i;
146            my $cpos = $cp;
147            for ( $i = 0; $i < @ol; ++$i ) {
148                next if $ol[ $i ] =~ /^\s*#/;
149                    $cpos -= length( $ol[ $i ] );
150                last if $cpos < 0;
151            }
152
153            my $sline = $i - 2;
154            my $eline = $i + 2;
155            $sline = 0 if $sline < 0;
156            $eline = @ol - 1 if $eline >= @ol;
157
158            print "JSON Error in file $f near these lines:\n";
159            for ( my $j = $sline; $j <= $eline; ++$j ) {
160                my $uj = $j + 1;
161                print "$uj: $ol[$j]";
162                print "$uj: " .'^'x(length($ol[$j])) . "\n" if $j == $i;
163            }
164            die;
165        };
166    } else {
167        my $res = `$gb/sbin/setconfig.pl -pj`;
168        print "$0 :
169" . '-'x80 . "
170please verify these settings are correct
171" . '-'x80 . "
172$res
173$cfgjsonnotes
174";
175        exit;
176    }
177}
178
179die "$0: no webroot defined in $cfgjson
180please verify and correct before proceeding
181
182$cfgjsonnotes
183" if !$$cfgjson{ 'webroot' };
184
185if ( !$$cfgjson{ 'lockdir' } ) {
186    $$cfgjson{ 'lockdir' } = "$gb/etc";
187}
188
189die "$0: no messaging:wsport defined in $cfgjson
190please verify and correct before proceeding
191
192$cfgjsonnotes
193" if !$$cfgjson{ 'messaging' }{ 'wsport' };
194
195$wsport = $$cfgjson{ 'messaging' }{ 'wsport' };
196
197# screen os / os_release
198
199my $os = $$cfgjson{ 'os' } || die "$0: $cfgjsonf does not contain an 'os' tag. $cfgjsonnotes";
200my $os_release = $$cfgjson{ 'os_release' } || die "$0: $cfgjsonf does not contain an 'os_release' tag. $cfgjsonnotes";
201
202if ( $os eq 'ubuntu' ) {
203    die "only ubuntu 14.04 an 16.04 currently supported and this appears to be version $os_release\n$sorry" if $os_release != 14.04 && $os_release != 16.04;
204}
205
206if ( $os eq 'centos' ) {
207    die "only Centos 6.7, 6.8, 6.9, 7.2, 7.3 and 7.4 currently supported and this appears to be version $os_release\n$sorry" if $os_release !~ /^6\.(7|8|9)$/ && $os_release !~ /^7\.(2|3|4)/;
208}
209
210if ( $os eq 'redhat' ) {
211    die "only Red Hat Enterprise Linux Server 6.7 and 6.8 are currently supported and this appears to be version $os_release\n$sorry" if $os_release !~ /^6\.(7|8)$/;
212}   
213
214if ( $os eq 'slackware' ) {
215    die "slackware install not currently supported\n";
216}
217
218my $whoami = `whoami`;
219chomp $whoami;
220
221my $CPUS=`grep processor /proc/cpuinfo | wc -l`;
222grep chomp $CPUS;
223$CPUS = 1 if !$CPUS;
224$CPUS *= 2;
225
226# ------ ubuntu 14.04 ------
227
228if ( $os eq 'ubuntu' && $os_release == 14.04 ) {
229    # install required modules
230
231    runcmd( "sudo apt-get -y install mlocate build-essential apache2 libzmq-dev libapache2-mod-php5 php-pear php5-imagick php-mail php-mail-mime php5-mongo php5-dev mongodb pkg-config re2c uuid-dev abiword wget" );
232    runcmdsb( "yes '' | pecl install uuid zmq-beta" );
233
234    # zmq to php
235
236    runcmdsb( "cat <<_EOF > /etc/php5/mods-available/zmq.ini
237; configuration for php zmq module
238; priority=20
239extension=zmq.so
240_EOF
241php5enmod zmq" );
242
243    # add pcntl to php
244
245    my $pcntl_so_exists = `cd /usr/lib/php5/20*/ ; ls -1 pcntl.so`;
246   
247    if ( $pcntl_so_exists !~ /pcntl.so/ ) {
248        runcmdsb( "mkdir /tmp/phpsource
249cd /tmp/phpsource
250apt-get source php5
251cd /tmp/phpsource/php5-*/ext/pcntl
252phpize
253./configure
254make
255cd modules
256cp pcntl.so /usr/lib/php5/20*/
257cat <<_EOF > /etc/php5/mods-available/pcntl.ini
258; configuration for php pcntl module
259; priority=20
260extension=pcntl.so
261_EOF
262" );
263    } else {
264        print "skipped pcntl.so module install since preexisting\n";
265    }
266    runcmdsb( "sed \"s/^disable_functions = pcntl/\;disable_functions = pcntl/\" /etc/php5/apache2/php.ini > /tmp/_php.ini
267cp /etc/php5/apache2/php.ini{,.org}
268mv /tmp/_php.ini /etc/php5/apache2/php.ini
269#php5enmod pcntl" );
270
271    # add proxy support for ws, wss
272    runcmdsb( "cat <<_EOF > /etc/apache2/mods-available/wsproxy.conf
273# ws proxy pass
274# priority=20
275ProxyPass /ws2 ws://localhost:$wsport/
276_EOF
277cat <<_EOF > /etc/apache2/mods-available/wsproxy.load
278_EOF
279cat <<_EOF > /etc/apache2/mods-available/wssproxy.conf
280# wss proxy pass
281# priority=20
282ProxyPass /wss2 ws://localhost:$wsport/
283_EOF
284cat <<_EOF > /etc/apache2/mods-available/wssproxy.load
285_EOF
286");
287    runcmd( "sudo a2enmod proxy proxy_wstunnel wsproxy" );
288
289    # genapp html5 likes php at /usr/local/bin/php so make sure it exists
290
291    if ( -e "/usr/bin/php" && !-e "/usr/local/bin/php" ) {
292        runcmd( "sudo bash -c 'ln -s /usr/bin/php /usr/local/bin/php'" );
293    }
294
295    # make the base of the genapp instances directory, create group genapp, add user & www-data to genapp group
296
297    runcmdsb( "mkdir -p $appbase
298groupadd genapp
299useradd genapp -r -s /usr/sbin/nologin -d $appbase -g genapp
300chmod g+rwx $appbase
301chown $whoami:genapp $appbase
302chmod g+s $appbase
303mkdir $$cfgjson{'lockdir'}
304chown genapp:genapp $$cfgjson{'lockdir'}
305chmod g+rwx $$cfgjson{'lockdir'}
306usermod -g users -G genapp $whoami
307usermod -G genapp \'www-data\'" );
308
309    # setup local system definitions
310
311    runcmdsb( "cat <<_EOF > /etc/profile.d/genapp.sh
312export GENAPP=$gb
313export PATH=\\\\\\\$GENAPP/bin:\\\\\\\$PATH
314_EOF
315" );
316
317    # php info for debugging
318   
319    runcmdsb( "cat <<_EOF > $$cfgjson{'webroot'}/php_info.php
320<?php
321phpinfo();
322?>
323_EOF
324" );
325
326    # setup genapptest instance
327
328    runcmd( "cd $appbase && $gb/sbin/getapp.pl -force -gen -admin $whoami svn genapptest" );
329
330    # apache2 security needed ?
331
332    runcmdsb( "cat <<_EOF >> /etc/apache2/conf-enabled/security.conf
333# add Alias /genapptest $$cfgjson{'webroot'}/genapptest
334<Directory $$cfgjson{'webroot'}/genapptest>
335 Options FollowSymLinks
336 AllowOverride None
337 Order Allow,Deny
338 Allow from all
339</Directory>
340<Directory /var/www/>
341        Options FollowSymLinks
342        AllowOverride None
343        Require all granted
344</Directory>
345_EOF
346" );
347
348    # add ws servers to startup
349
350    runcmdsb( "cp $appbase/genapptest/output/html5/util/rc.genapp /etc/init.d
351update-rc.d rc.genapp defaults 99
352update-rc.d mongodb defaults" );
353
354    # start ws servers
355    runcmdsb( "sg genapp -c '/etc/init.d/rc.genapp start'" );
356
357# restart apache2
358
359    runcmd( "sudo service apache2 restart" );
360    exit();
361}
362
363# ------ centos 6.7 & 6.8 & 6.9 -------
364if ( $os eq 'centos' && ( $os_release == 6.7 || $os_release == 6.8 || $os_release == 6.9 ) ) {
365    # install required modules
366
367#    runcmdsb( "rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm" );
368    runcmdsb( "yum -y groupinstall 'Development tools'" );
369    runcmdsb( "yum -y install centos-release-scl" );
370
371    runcmdsb( "yum -y install mlocate httpd24-httpd httpd24-httpd-devel rh-php56-php rh-php56-php-devel rh-php56-php-pear rh-php56-php-pecl-mongo mongodb mongodb-server wget libuuid-devel zeromq-devel openssl-devel ImageMagick ImageMagick-devel" );
372# old commands
373#    runcmdsb( "yum -y install mlocate httpd24-httpd httpd24-httpd-devel httpd24-php55 http24-php55w-devel httpd24--pecl-imagick mongodb mongodb-server pkg-config wget libuuid-devel zeromq-devel openssl-devel" );
374#    runcmdsb( "yum -y install mlocate httpd24-httpd httpd24-httpd-develhttpd24-php55 http24-php55w-devel httpd24--pecl-imagick mongodb mongodb-server pkg-config wget libuuid-devel zeromq-devel openssl-devel" );
375#-zmq php-pecl-http php-pear php-pecl-imagick php-mail php-mail-mime php-pecl-mongo php-devel mongodb mongodb-server pkg-config re2c php-pecl-uuid wget" );
376
377    my $rhsclphp    = "/opt/rh/rh-php56/root";
378    my $rhsclphpetc = "/etc/opt/rh/rh-php56/";
379    my $rhsclhttpd  = "/opt/rh/httpd24/root";
380
381    runcmdsb( "yes '' | $rhsclphp/usr/bin/pecl install uuid zmq-beta mongo imagick;
382cat <<_EOF > $rhsclphpetc/php.d/uuid.ini
383; Enable uuid extension module
384extension=uuid.so
385_EOF
386cat <<_EOF > $rhsclphpetc/php.d/zmq.ini
387; Enable zmq extension module
388extension=zmq.so
389_EOF
390cat <<_EOF > $rhsclphpetc/php.d/imagick.ini
391; Enable imagick extension module
392extension=imagick.so
393_EOF
394#cat <<_EOF > $rhsclphpetc/php.d/mongo.ini
395#; Enable mongo extension module
396#extension=mongo.so
397#_EOF
398" );
399
400    runcmdsb( "scl enable rh-php56 'pear upgrade --force --alldeps http://pear.php.net/get/PEAR-1.10.5'" );
401    runcmdsb( "scl enable rh-php56 'pear install --alldeps Mail Mail_Mime Net_SMTP'" );
402
403    `sudo killall mongod 2> /dev/null`;
404    runcmdsb( "service mongod start" );
405
406    runcmdsb( "cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/wsproxy.conf
407# ws proxy pass
408# priority=20
409ProxyPass /ws2 ws://localhost:$wsport/
410ProxyPass /wss2 ws://localhost:$wsport/
411_EOF
412cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/genapp.conf
413SetEnv GENAPP $gb
414_EOF
415");
416
417    runcmdsb( "cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/noindices.conf
418<Directory \"$rhsclhttpd/var/www/html\">
419    Options FollowSymLinks
420    AllowOverride None
421    Require all granted
422</Directory>
423_EOF
424");
425
426    # scl puts php in $rhsclphp so link it
427
428    runcmdsb( "ln -sf $rhsclphp/usr/bin/php /usr/bin/php" );
429
430    # scl puts httpd root in $rhsclphp so link it
431
432    if ( -e "/var/www" ) {
433        if ( -d "/var/www" || -f "/var/www" ) {
434            my $bdir = "/var/www.previous";
435            my $ext ;
436            while ( -e $bdir ) {
437               $ext++;
438               $bdir = "/var/www.previous-$ext";
439            }
440            $warnings .= "/var/www is backed up in $bdir";
441            runcmdsb( "mv /var/www $bdir" );
442        } else {
443            runcmdsb( "rm /var/www" );
444        }
445    }
446
447    runcmdsb( "ln -sf $rhsclhttpd/var/www /var/www" );
448
449    # genapp html5 likes php at /usr/local/bin/php so make sure it exists
450
451    if ( -e "/usr/bin/php" && !-e "/usr/local/bin/php" ) {
452        runcmd( "sudo bash -c 'ln -s /usr/bin/php /usr/local/bin/php'" );
453    }
454
455    # make the base of the genapp instances directory, create group genapp, add user & apache to genapp group
456
457    runcmdsb( "mkdir -p $appbase
458groupadd genapp
459useradd genapp -r -s /usr/sbin/nologin -d $appbase -g genapp
460chmod g+rwx $appbase
461chown $whoami:genapp $appbase
462chmod g+s $appbase
463mkdir $$cfgjson{'lockdir'}
464chown genapp:genapp $$cfgjson{'lockdir'}
465chmod g+rwx $$cfgjson{'lockdir'}
466usermod -g users -G genapp $whoami
467usermod -G genapp \'apache\'" );
468
469    # setup local system definitions
470
471    runcmdsb( "cat <<_EOF > /etc/profile.d/genapp.sh
472export GENAPP=$gb
473export PATH=\\\\\\\$GENAPP/bin:\\\\\\\$PATH
474_EOF
475cat <<_EOF > /etc/profile.d/genapp.csh
476setenv GENAPP $gb
477setenv PATH=\\\\\\\$\{GENAPP\}/bin:\\\\\\\$\{PATH}
478_EOF
479
480" );
481
482    runcmdsb( "cat <<_EOF > $$cfgjson{'webroot'}/php_info.php
483<?php
484phpinfo();
485?>
486_EOF
487" );
488
489    # setup genapptest instance
490
491    runcmd( "cd $appbase && $gb/sbin/getapp.pl -force -gen -admin $whoami svn genapptest" );
492
493    # add ws servers to startup
494
495    runcmdsb( "cp $appbase/genapptest/output/html5/util/rc.genapp /etc/init.d" );
496    runcmdsb( "chkconfig --add rc.genapp" );
497    runcmdsb( "/etc/init.d/rc.genapp start" );
498
499    # open ports
500    {
501        my $iptab = `service iptables status | grep ACCEPT | grep INPUT | grep dpt:80`;
502        chomp $iptab;
503        if ( $iptab !~ /tcp/ ) {
504            runcmdsb( "iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
505service iptables save" );
506        }
507    }
508    if ( $$cfgjson{ 'https' } ) {
509        my $iptab = `service iptables status | grep ACCEPT | grep INPUT | grep dpt:443`;
510        chomp $iptab;
511        if ( $iptab !~ /tcp/ ) {
512            runcmdsb( "iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
513service iptables save" );
514        }
515    }
516
517    runcmdsb( "semanage permissive -a httpd_t; service httpd24-httpd restart && chkconfig httpd24-httpd on" );
518    exit();
519}
520
521# ------ centos 7.2,7.3,7.4 -------
522if ( $os eq 'centos' && $os_release =~ /^7\.(2|3|4)/ ) {
523
524    # install required modules
525
526#    runcmdsb( "rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm" );
527    runcmdsb( "yum -y groupinstall 'Development tools'" );
528    runcmdsb( "yum -y install centos-release-scl" );
529
530    runcmdsb( "yum -y install mlocate httpd24-httpd httpd24-httpd-devel rh-php56-php rh-php56-php-devel rh-php56-php-pear rh-php56-php-pecl-mongo mongodb mongodb-server wget libuuid-devel zeromq-devel openssl-devel ImageMagick ImageMagick-devel" );
531# old commands
532#    runcmdsb( "yum -y install mlocate httpd24-httpd httpd24-httpd-devel httpd24-php55 http24-php55w-devel httpd24--pecl-imagick mongodb mongodb-server pkg-config wget libuuid-devel zeromq-devel openssl-devel" );
533#    runcmdsb( "yum -y install mlocate httpd24-httpd httpd24-httpd-develhttpd24-php55 http24-php55w-devel httpd24--pecl-imagick mongodb mongodb-server pkg-config wget libuuid-devel zeromq-devel openssl-devel" );
534#-zmq php-pecl-http php-pear php-pecl-imagick php-mail php-mail-mime php-pecl-mongo php-devel mongodb mongodb-server pkg-config re2c php-pecl-uuid wget" );
535
536    my $rhsclphp    = "/opt/rh/rh-php56/root";
537    my $rhsclphpetc = "/etc/opt/rh/rh-php56/";
538    my $rhsclhttpd  = "/opt/rh/httpd24/root";
539
540    runcmdsb( "yes '' | $rhsclphp/usr/bin/pecl install uuid zmq-beta mongo imagick;
541cat <<_EOF > $rhsclphpetc/php.d/uuid.ini
542; Enable uuid extension module
543extension=uuid.so
544_EOF
545cat <<_EOF > $rhsclphpetc/php.d/zmq.ini
546; Enable zmq extension module
547extension=zmq.so
548_EOF
549cat <<_EOF > $rhsclphpetc/php.d/imagick.ini
550; Enable imagick extension module
551extension=imagick.so
552_EOF
553#cat <<_EOF > $rhsclphpetc/php.d/mongo.ini
554#; Enable mongo extension module
555#extension=mongo.so
556#_EOF
557" );
558
559    runcmdsb( "scl enable rh-php56 'pear upgrade --force --alldeps http://pear.php.net/get/PEAR-1.10.5'" );
560    runcmdsb( "scl enable rh-php56 'pear install --alldeps Mail Mail_Mime Net_SMTP'" );
561
562    `sudo killall mongod 2> /dev/null`;
563    runcmdsb( "service mongod start" );
564
565    runcmdsb( "cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/wsproxy.conf
566# ws proxy pass
567# priority=20
568ProxyPass /ws2 ws://localhost:$wsport/
569ProxyPass /wss2 ws://localhost:$wsport/
570_EOF
571cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/genapp.conf
572SetEnv GENAPP $gb
573_EOF
574");
575
576    runcmdsb( "cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/noindices.conf
577<Directory \"$rhsclhttpd/var/www/html\">
578    Options FollowSymLinks
579    AllowOverride None
580    Require all granted
581</Directory>
582_EOF
583");
584
585    # scl puts php in $rhsclphp so link it
586
587    runcmdsb( "ln -sf $rhsclphp/usr/bin/php /usr/bin/php" );
588
589    # scl puts httpd root in $rhsclphp so link it
590
591    if ( -e "/var/www" ) {
592        if ( -d "/var/www" || -f "/var/www" ) {
593            my $bdir = "/var/www.previous";
594            my $ext ;
595            while ( -e $bdir ) {
596               $ext++;
597               $bdir = "/var/www.previous-$ext";
598            }
599            $warnings .= "/var/www is backed up in $bdir";
600            runcmdsb( "mv /var/www $bdir" );
601        } else {
602            runcmdsb( "rm /var/www" );
603        }
604    }
605
606    runcmdsb( "ln -sf $rhsclhttpd/var/www /var/www" );
607
608    # genapp html5 likes php at /usr/local/bin/php so make sure it exists
609
610    if ( -e "/usr/bin/php" && !-e "/usr/local/bin/php" ) {
611        runcmd( "sudo bash -c 'ln -s /usr/bin/php /usr/local/bin/php'" );
612    }
613
614    # make the base of the genapp instances directory, create group genapp, add user & apache to genapp group
615
616    runcmdsb( "mkdir -p $appbase
617groupadd genapp
618useradd genapp -r -s /usr/sbin/nologin -d $appbase -g genapp
619chmod g+rwx $appbase
620chown $whoami:genapp $appbase
621chmod g+s $appbase
622mkdir $$cfgjson{'lockdir'}
623chown genapp:genapp $$cfgjson{'lockdir'}
624chmod g+rwx $$cfgjson{'lockdir'}
625usermod -g users -G genapp $whoami
626usermod -G genapp \'apache\'" );
627
628    # setup local system definitions
629
630    runcmdsb( "cat <<_EOF > /etc/profile.d/genapp.sh
631export GENAPP=$gb
632export PATH=\\\\\\\$GENAPP/bin:\\\\\\\$PATH
633_EOF
634cat <<_EOF > /etc/profile.d/genapp.csh
635setenv GENAPP $gb
636setenv PATH=\\\\\\\$\{GENAPP\}/bin:\\\\\\\$\{PATH}
637_EOF
638
639" );
640
641    runcmdsb( "cat <<_EOF > $$cfgjson{'webroot'}/php_info.php
642<?php
643phpinfo();
644?>
645_EOF
646" );
647
648    # setup genapptest instance
649
650    runcmd( "cd $appbase && $gb/sbin/getapp.pl -force -gen -admin $whoami svn genapptest" );
651
652    # add ws servers to startup
653
654    runcmdsb( "cp $appbase/genapptest/output/html5/util/rc.genapp /etc/init.d" );
655    runcmdsb( "chkconfig --add rc.genapp" );
656    runcmdsb( "/etc/init.d/rc.genapp start" );
657
658    # open ports
659    {
660        my $iptab = `service iptables status | grep ACCEPT | grep INPUT | grep dpt:80`;
661        chomp $iptab;
662        if ( $iptab !~ /tcp/ ) {
663            runcmdsb( "iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
664service iptables save" );
665        }
666    }
667    if ( $$cfgjson{ 'https' } ) {
668        my $iptab = `service iptables status | grep ACCEPT | grep INPUT | grep dpt:443`;
669        chomp $iptab;
670        if ( $iptab !~ /tcp/ ) {
671            runcmdsb( "iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
672service iptables save" );
673        }
674    }
675
676    runcmdsb( "semanage permissive -a httpd_t; service httpd24-httpd restart && chkconfig httpd24-httpd on" );
677    exit();
678}
679
680# ------ redhat -------
681if ( $os eq 'redhat' ) {
682    # install required modules
683
684#    runcmdsb( "rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm" );
685    runcmdsb( "cat <<_EOF > /etc/yum.repos.d/mongodb.repo
686[mongodb]
687name=MongoDB Repository
688baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
689gpgcheck=0
690enabled=1
691_EOF
692# the 3.2 repo didn't seem to work
693#cat <<_EOF > /etc/yum.repos.d/mongodb-org-3.2.repo
694#[mongodb-org-3.2]
695#name=MongoDB Repository
696#baseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/3.2/x86_64/
697#gpgcheck=1
698#enabled=1
699#gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc
700#_EOF
701cat <<_EOF > /etc/yum.repos.d/mongodb-org-2.6.repo
702[mongodb-org-2.6]
703name=MongoDB 2.6 Repository
704baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
705gpgcheck=0
706enabled=1
707_EOF
708cat <<_EOF > /etc/yum.repos.d/fengshuo_zeromq.repo
709[home_fengshuo_zeromq]
710name=The latest stable of zeromq builds (CentOS_CentOS-6)
711type=rpm-md
712baseurl=http://download.opensuse.org/repositories/home:/fengshuo:/zeromq/CentOS_CentOS-6/
713gpgcheck=1
714gpgkey=http://download.opensuse.org/repositories/home:/fengshuo:/zeromq/CentOS_CentOS-6/repodata/repomd.xml.key
715enabled=1
716_EOF
717# semanage port -a -t mongod_port_t -p tcp 27017
718");
719
720    runcmdsb( "yum -y groupinstall 'Development tools'" );
721    runcmdsb( "yum-config-manager --enable rhel-server-rhscl-6-rpms" );
722    {
723        my @res = `sudo subscription-manager list --available --all 2>&1 | grep 'not yet registered'`;
724        die "$0: could not enable rhel-server-rhscl-6-rpms, the system does not appear to be registered. Try \$ sudo subscription-manager register --help" if @res;
725        @res = `sudo yum repolist 2> /dev/null | grep rhscl`;
726        die '-'x80 . "
727$0: you appeared to be registered, but need to attach to a pool.  you can use:
728\$ sudo subscription-manager list --available
729and identify a 'Pool ID:'=pool_id and then use that pool_id to
730\$ sudo subscription-manager attach --pool=pool_id
731" . '-'x80 . "
732You may also find info at this url:
733https://access.redhat.com/documentation/en-US/Red_Hat_Software_Collections/2/html-single/2.1_Release_Notes/index.html#sect-Installation-Subscribe
734" . '-'x80 . "
735" if !@res;
736    }
737
738    runcmdsb( "yum -y install mlocate httpd24-httpd httpd24-httpd-devel rh-php56-php rh-php56-php-devel rh-php56-php-pear rh-php56-php-pecl-mongo mongodb-org mongodb-org-server wget libuuid-devel zeromq-devel openssl-devel libpng-devel libjpeg-devel fontconfig-devel freetype-devel fftw-devel libtiff-devel cairo-devel pango pango-devel" );
739
740    # need imagemagick from source :(
741    my $imversion = "ImageMagick-6.9.7-10.tar.xz";
742    runcmd( "rm -f /tmp/$imversion 2>/dev/null;cd /tmp && wget http://transloadit.imagemagick.org/download/releases/$imversion && tar Jxf $imversion && cd ImageMagick-* && ./configure && make -j$CPUS && sudo make install" ) if !-e "/usr/local/bin/MagickWand-config";
743
744    my $rhsclphp    = "/opt/rh/rh-php56/root";
745    my $rhsclphpetc = "/etc/opt/rh/rh-php56/";
746    my $rhsclhttpd  = "/opt/rh/httpd24/root";
747
748    runcmdsb( "yes '' | $rhsclphp/usr/bin/pecl channel-update pecl.php.net" );
749    runcmdsb( "yes '' | $rhsclphp/usr/bin/pecl install uuid zmq-beta mongo imagick;
750cat <<_EOF > $rhsclphpetc/php.d/uuid.ini
751; Enable uuid extension module
752extension=uuid.so
753_EOF
754cat <<_EOF > $rhsclphpetc/php.d/zmq.ini
755; Enable zmq extension module
756extension=zmq.so
757_EOF
758cat <<_EOF > $rhsclphpetc/php.d/imagick.ini
759; Enable imagick extension module
760extension=imagick.so
761_EOF
762#cat <<_EOF > $rhsclphpetc/php.d/mongo.ini
763#; Enable mongo extension module
764#extension=mongo.so
765#_EOF
766" );
767
768    runcmdsb( "scl enable rh-php56 'pear upgrade --force --alldeps http://pear.php.net/get/PEAR-1.10.5'" );
769    runcmdsb( "scl enable rh-php56 'pear install --alldeps Mail Mail_Mime Net_SMTP'" );
770
771    `sudo killall mongod 2> /dev/null`;
772    runcmdsb( "service mongod start" );
773
774    # add proxy support for ws, wss
775    runcmdsb( "cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/wsproxy.conf
776# ws proxy pass
777# priority=20
778ProxyPass /ws2 ws://localhost:$wsport/
779ProxyPass /wss2 ws://localhost:$wsport/
780_EOF
781cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/genapp.conf
782SetEnv GENAPP $gb
783_EOF
784");
785
786    runcmdsb( "cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/noindices.conf
787<Directory \"$rhsclhttpd/var/www/html\">
788    Options FollowSymLinks
789    AllowOverride None
790    Require all granted
791</Directory>
792_EOF
793");
794
795    # scl puts php in $rhsclphp so link it
796
797    runcmdsb( "ln -sf $rhsclphp/usr/bin/php /usr/bin/php" );
798
799    # scl puts httpd root in $rhsclphp so link it
800
801    if ( -e "/var/www" ) {
802        if ( -d "/var/www" || -f "/var/www" ) {
803            my $bdir = "/var/www.previous";
804            my $ext ;
805            while ( -e $bdir ) {
806               $ext++;
807               $bdir = "/var/www.previous-$ext";
808            }
809            $warnings .= "/var/www is backed up in $bdir";
810            runcmdsb( "mv /var/www $bdir" );
811        } else {
812            runcmdsb( "rm /var/www" );
813        }
814    }
815     
816    runcmdsb( "ln -sf $rhsclhttpd/var/www /var/www" );
817
818    # genapp html5 likes php at /usr/local/bin/php so make sure it exists
819
820    if ( -e "/usr/bin/php" && !-e "/usr/local/bin/php" ) {
821        runcmdsb( "ln -s /usr/bin/php /usr/local/bin/php" );
822    }
823
824    # make the base of the genapp instances directory, create group genapp, add user & apache to genapp group
825
826    runcmdsb( "mkdir -p $appbase
827groupadd genapp
828useradd genapp -r -s /usr/sbin/nologin -d $appbase -g genapp
829chmod g+rwx $appbase
830chown $whoami:genapp $appbase
831chmod g+s $appbase
832mkdir $$cfgjson{'lockdir'}
833chown genapp:genapp $$cfgjson{'lockdir'}
834chmod g+rwx $$cfgjson{'lockdir'}
835usermod -g users -G genapp $whoami
836usermod -G genapp \'apache\'" );
837
838    # setup local system definitions
839
840    runcmdsb( "cat <<_EOF > /etc/profile.d/genapp.sh
841export GENAPP=$gb
842export PATH=\\\\\\\$GENAPP/bin:\\\\\\\$PATH
843_EOF
844cat <<_EOF > /etc/profile.d/genapp.csh
845setenv GENAPP $gb
846setenv PATH=\\\\\\\$\{GENAPP\}/bin:\\\\\\\$\{PATH}
847_EOF
848
849" );
850
851    runcmdsb( "cat <<_EOF > $$cfgjson{'webroot'}/php_info.php
852<?php
853phpinfo();
854?>
855_EOF
856" );
857
858    # setup genapptest instance
859
860    runcmd( "cd $appbase && $gb/sbin/getapp.pl -force -gen -admin $whoami svn genapptest" );
861
862    # add ws servers to startup
863
864    runcmdsb( "cp $appbase/genapptest/output/html5/util/rc.genapp /etc/init.d" );
865    runcmdsb( "chkconfig --add rc.genapp" );
866    runcmdsb( "/etc/init.d/rc.genapp start" );
867
868    runcmdsb( "semanage permissive -a httpd_t; service httpd24-httpd restart && chkconfig httpd24-httpd on" );
869
870    {
871        my $iptab = `service iptables status | grep ACCEPT | grep INPUT | grep dpt:80`;
872        chomp $iptab;
873        if ( $iptab !~ /tcp/ ) {
874            runcmdsb( "iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
875service iptables save" );
876        }
877    }
878    if ( $$cfgjson{ 'https' } ) {
879        my $iptab = `service iptables status | grep ACCEPT | grep INPUT | grep dpt:443`;
880        chomp $iptab;
881        if ( $iptab !~ /tcp/ ) {
882            runcmdsb( "iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
883service iptables save" );
884        }
885    }
886
887#    runcmdsb( "service httpd restart && chkconfig httpd on" );
888    exit();
889}
890
891# ------ ubuntu 16.04 ------
892if ( $os eq 'ubuntu' && $os_release == 16.04 ) {
893    # install required modules
894
895    runcmd( "sudo add-apt-repository -y ppa:ondrej/php && sudo apt-get -y update" );
896    runcmd( "sudo apt-get -y install mlocate build-essential apache2 php5.6-dev libapache2-mod-php5.6 php5.6-xml pkg-config re2c libzmq-dev uuid-dev abiword wget mongodb libmagickwand-6.q16-dev" );
897
898# php-pear php-imagick php-mail php-mail-mime php-mongodb mongodb" );
899
900    runcmdsb( "pear install --alldeps Mail Mail_Mime Net_SMTP" );
901    runcmdsb( "yes '' | pecl install uuid zmq-beta mongo imagick" );
902
903    # zmq to php
904
905    runcmdsb( "cat <<_EOF > /etc/php/5.6/mods-available/zmq.ini
906; configuration for php zmq module
907; priority=20
908extension=zmq.so
909_EOF
910cat <<_EOF > /etc/php/5.6/mods-available/imagick.ini
911; Enable imagick extension module
912extension=imagick.so
913_EOF
914cat <<_EOF > /etc/php/5.6/mods-available/mongo.ini
915; Enable mongo extension module
916extension=mongo.so
917_EOF
918phpenmod zmq mongo imagick" );
919
920    runcmdsb( "sed \"s/^disable_functions = pcntl/\;disable_functions = pcntl/\" /etc/php/5.6/apache2/php.ini > /tmp/_php.ini
921cp /etc/php/5.6/apache2/php.ini{,.org}
922mv /tmp/_php.ini /etc/php/5.6/apache2/php.ini
923#phpenmod pcntl" );
924
925    # add proxy support for ws, wss
926    runcmdsb( "cat <<_EOF > /etc/apache2/mods-available/wsproxy.conf
927# ws proxy pass
928# priority=20
929ProxyPass /ws2 ws://localhost:$wsport/
930_EOF
931cat <<_EOF > /etc/apache2/mods-available/wsproxy.load
932_EOF
933cat <<_EOF > /etc/apache2/mods-available/wssproxy.conf
934# wss proxy pass
935# priority=20
936ProxyPass /wss2 ws://localhost:$wsport/
937_EOF
938cat <<_EOF > /etc/apache2/mods-available/wssproxy.load
939_EOF
940");
941    runcmd( "sudo a2enmod proxy proxy_wstunnel wsproxy" );
942
943    # genapp html5 likes php at /usr/local/bin/php so make sure it exists
944
945    if ( -e "/usr/bin/php" && !-e "/usr/local/bin/php" ) {
946        runcmd( "sudo bash -c 'ln -s /usr/bin/php /usr/local/bin/php'" );
947    }
948
949    # make the base of the genapp instances directory, create group genapp, add user & www-data to genapp group
950
951    runcmdsb( "mkdir -p $appbase
952groupadd genapp
953useradd genapp -r -s /usr/sbin/nologin -d $appbase -g genapp
954chmod g+rwx $appbase
955chown $whoami:genapp $appbase
956chmod g+s $appbase
957mkdir $$cfgjson{'lockdir'}
958chown genapp:genapp $$cfgjson{'lockdir'}
959chmod g+rwx $$cfgjson{'lockdir'}
960usermod -g users -G genapp $whoami
961usermod -G genapp \'www-data\'" );
962
963    # setup local system definitions
964
965    runcmdsb( "cat <<_EOF > /etc/profile.d/genapp.sh
966export GENAPP=$gb
967export PATH=\\\\\\\$GENAPP/bin:\\\\\\\$PATH
968_EOF
969" );
970
971    # php info for debugging
972   
973    runcmdsb( "cat <<_EOF > $$cfgjson{'webroot'}/php_info.php
974<?php
975phpinfo();
976?>
977_EOF
978" );
979
980    # setup genapptest instance
981
982    runcmd( "cd $appbase && $gb/sbin/getapp.pl -force -gen -admin $whoami svn genapptest" );
983
984    # apache2 security needed ?
985
986    runcmdsb( "cat <<_EOF >> /etc/apache2/conf-enabled/security.conf
987# add Alias /genapptest $$cfgjson{'webroot'}/genapptest
988<Directory $$cfgjson{'webroot'}/genapptest>
989 Options FollowSymLinks
990 AllowOverride None
991 Order Allow,Deny
992 Allow from all
993</Directory>
994<Directory /var/www/>
995        Options FollowSymLinks
996        AllowOverride None
997        Require all granted
998</Directory>
999_EOF
1000" );
1001
1002    # add ws servers to startup
1003
1004    runcmdsb( "cp $appbase/genapptest/output/html5/util/rc.genapp /etc/init.d
1005update-rc.d rc.genapp defaults 99
1006update-rc.d mongodb defaults" );
1007
1008    # start ws servers
1009    runcmdsb( "/etc/init.d/rc.genapp start" );
1010
1011# restart apache2
1012
1013    runcmd( "sudo service apache2 restart" );
1014    exit();
1015}
1016
1017# ------ scientific linux 7.2 -------
1018if ( $os eq 'scientific' && $os_release =~ /^7\.(2|3|4)(cernvm|)/ ) {
1019
1020    my $cernvm;
1021    if ( $os_release =~ /cernvm$/ ) {
1022        $cernvm++;
1023    }
1024
1025    runcmdsb( "cat <<_EOF > /etc/yum.repos.d/mongodb.repo
1026[mongodb]
1027name=MongoDB Repository
1028baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
1029gpgcheck=0
1030enabled=1
1031_EOF
1032# the 3.2 repo didn't seem to work
1033#cat <<_EOF > /etc/yum.repos.d/mongodb-org-3.2.repo
1034#[mongodb-org-3.2]
1035#name=MongoDB Repository
1036#baseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/3.2/x86_64/
1037#gpgcheck=1
1038#enabled=1
1039#gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc
1040#_EOF
1041cat <<_EOF > /etc/yum.repos.d/mongodb-org-2.6.repo
1042[mongodb-org-2.6]
1043name=MongoDB 2.6 Repository
1044baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
1045gpgcheck=0
1046enabled=1
1047_EOF
1048cat <<_EOF > /etc/yum.repos.d/fengshuo_zeromq.repo
1049[home_fengshuo_zeromq]
1050name=The latest stable of zeromq builds (CentOS_CentOS-6)
1051type=rpm-md
1052baseurl=http://download.opensuse.org/repositories/home:/fengshuo:/zeromq/CentOS_CentOS-6/
1053gpgcheck=1
1054gpgkey=http://download.opensuse.org/repositories/home:/fengshuo:/zeromq/CentOS_CentOS-6/repodata/repomd.xml.key
1055enabled=1
1056_EOF
1057");
1058
1059    runcmdsb( "semanage port -l | grep mongod_port_t || semanage port -a -t mongod_port_t -p tcp 27017" ) if !$cernvm;
1060
1061    # install required modules
1062
1063#    runcmdsb( "rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm" );
1064    runcmdsb( "yum -y groupinstall 'Development tools'" ) if !$cernvm;
1065
1066    runcmdsb( "yum -y install mlocate wget httpd httpd-devel php php-devel php-pear openssl-devel libuuid-devel mongodb-org mongodb-org-server zeromq-devel" );
1067 
1068    if ( $cernvm ) {
1069        # need imagemagick from source :(
1070        my $imversion = "ImageMagick-6.9.7-10.tar.xz";
1071        runcmd( "rm -f /tmp/$imversion 2>/dev/null; cd /tmp && wget http://transloadit.imagemagick.org/download/releases/$imversion && tar Jxf $imversion && cd ImageMagick-* && ./configure && make -j$CPUS && sudo make install" ) if !-e "/usr/local/bin/MagickWand-config";
1072    } else {
1073        runcmdsb( "yum -y install ImageMagick ImageMagick-devel" );
1074    }
1075
1076    my $rhsclphp    = "";
1077    my $rhsclphpetc = "";
1078    my $rhsclhttpd  = "";
1079
1080    runcmdsb( "yes '' | pecl channel-update pecl.php.net" );
1081    runcmdsb( "yes '' | pecl install uuid zmq-beta mongo imagick" );
1082
1083    if ( my $cmd = add_to_phpini( '/etc/php.ini', 'uuid', 'zmq', 'imagick', 'mongo' ) ) {
1084        runcmdsb( $cmd );
1085    }
1086
1087    # rh-php56-php-pecl-mongo mongodb mongodb-server zeromq-devel" );
1088    runcmdsb( "yes '' | pear channel-update pear.php.net" );
1089    runcmdsb( "yes '' | pear install --alldeps Mail Mail_Mime Net_SMTP" );
1090
1091    `sudo killall mongod 2> /dev/null`;
1092    runcmdsb( "service mongod start
1093chkconfig mongod on
1094" );
1095
1096    runcmdsb( "cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/wsproxy.conf
1097# ws proxy pass
1098# priority=20
1099ProxyPass /ws2 ws://localhost:$wsport/
1100ProxyPass /wss2 ws://localhost:$wsport/
1101_EOF
1102cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/genapp.conf
1103SetEnv GENAPP $gb
1104_EOF
1105");
1106
1107    runcmdsb( "cat <<_EOF > $rhsclhttpd/etc/httpd/conf.d/noindices.conf
1108<Directory \"$rhsclhttpd/var/www/html\">
1109    Options FollowSymLinks
1110    AllowOverride None
1111    Require all granted
1112</Directory>
1113_EOF
1114");
1115
1116    # genapp html5 likes php at /usr/local/bin/php so make sure it exists
1117
1118    if ( -e "/usr/bin/php" && !-e "/usr/local/bin/php" ) {
1119        runcmd( "sudo bash -c 'ln -s /usr/bin/php /usr/local/bin/php'" );
1120    }
1121
1122    # make the base of the genapp instances directory, create group genapp, add user & apache to genapp group
1123
1124    runcmdsb( "mkdir -p $appbase
1125groupadd genapp
1126useradd genapp -r -s /usr/sbin/nologin -d $appbase -g genapp
1127chmod g+rwx $appbase
1128chown $whoami:genapp $appbase
1129chmod g+s $appbase
1130mkdir $$cfgjson{'lockdir'} 2> /dev/null
1131chown genapp:genapp $$cfgjson{'lockdir'}
1132chmod g+rwx $$cfgjson{'lockdir'}
1133usermod -g users -G genapp $whoami
1134usermod -G genapp \'apache\'" );
1135
1136    # setup local system definitions
1137
1138    runcmdsb( "cat <<_EOF > /etc/profile.d/genapp.sh
1139export GENAPP=$gb
1140export PATH=\\\\\\\$GENAPP/bin:\\\\\\\$PATH
1141_EOF
1142cat <<_EOF > /etc/profile.d/genapp.csh
1143setenv GENAPP $gb
1144setenv PATH=\\\\\\\$\{GENAPP\}/bin:\\\\\\\$\{PATH}
1145_EOF
1146
1147" );
1148
1149    runcmdsb( "cat <<_EOF > $$cfgjson{'webroot'}/php_info.php
1150<?php
1151phpinfo();
1152?>
1153_EOF
1154" );
1155
1156    # setup genapptest instance
1157
1158    runcmd( "cd $appbase && $gb/sbin/getapp.pl -force -gen -admin $whoami svn genapptest" );
1159
1160    # add ws servers to startup
1161
1162    runcmdsb( "cp $appbase/genapptest/output/html5/util/rc.genapp /etc/init.d" );
1163    runcmdsb( "chkconfig --add rc.genapp" );
1164    runcmdsb( "/etc/init.d/rc.genapp start" );
1165
1166    # open ports
1167    if ( !$cernvm ) {
1168        runcmdsb( "firewall-cmd --permanent --zone=public --add-service=http" );
1169        if ( $$cfgjson{ 'https' } ) {
1170            runcmdsb( "firewall-cmd --permanent --zone=public --add-service=https" );
1171        }
1172        runcmdsb( "systemctl restart firewalld.service" );
1173    }
1174
1175    runcmdsb( "semanage permissive -a httpd_t" ) if !$cernvm;
1176
1177    if ( $cernvm ) {
1178        runcmdsb( "sed --in-place=.prev 's/Listen .*:80/Listen 80/g' /etc/httpd/conf/httpd.conf" );
1179    }
1180
1181    runcmdsb( "systemctl restart httpd.service && systemctl enable httpd.service" );
1182    exit();
1183}
1184
1185
1186die "------------------------------------------------------------
1187Operating system identified as $os / release $os_release
1188$sorry";
Note: See TracBrowser for help on using the repository browser.