summaryrefslogtreecommitdiff
path: root/docs/install_notes.txt
blob: 488f39d29c0fd27054cbef4d0ccd13d69d4bcd59 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
List of runtime dependencies: apache2 libconfig-gitlike-perl libcrypt-blowfish-perl libcrypt-cbc-perl libdigest-hmac-perl libdigest-sha-perl libemail-valid-loose-perl libgetopt-tabular-perl libjson-perl libmath-gmp-perl libmime-base32-perl libmoose-perl libmoosex-singleton-perl libmoosex-strictconstructor-perl moreutils ssl-cert libapache2-mod-auth-pam libapache2-mod-auth-sys-group git libsearch-xapian-perl libcgi-session-perl libcgi-formbuilder-perl libcaptcha-recaptcha-perl libxml-simple-perl perlmagick libfile-chdir-perl libtext-markdown-discount-perl libtext-csv-perl graphviz texlive dvipng libsort-naturally-perl gcc sudo ksh
List of source dependencies: dpkg-dev debhelper devscripts fakeroot texlive-extra-utils wdg-html-validator po4a cdbs zlib1g-dev libssl-dev libcurl4-openssl-dev build-essential libhtml-template-perl libhtml-scrubber-perl libyaml-libyaml-perl python-support

# wheezy is best-tested at this point

# ikiwiki
cd ~
git clone git://git.ikiwiki.info/
cd git.ikiwiki.info
sed '/<\/pre>/,/<pre>/ d' < doc/todo/headless_git_branches.mdwn | patch -p1
# you may wish to git commit IkiWiki/Plugin/git.pm if you intend to continue tracking upstream
dpkg-buildpackage -tc -uc -us
debi

# if dpkg-buildpackage fails, you can also
#   apt-get install ikiwiki
#   cd /usr/share/perl5
#   sed '/<\/pre>/,/<pre>/ d' < ~/git.ikiwiki.info/doc/todo/headless_git_branches.mdwn | patch -p1

echo ikiwiki hold | dpkg --set-selections

# piny
cd ~
git clone git://piny.be/piny-code
cd piny-code
./builddebs # probably want to say no to everything
dpkg -i libpiny-perl*.deb pinyadmin*.deb pinyconfigs*.deb pinyweb*.deb # Probably want to replace the files it offers to replace

a2enmod ssl
a2enmod auth_pam
a2enmod auth_sys_group

url="some.url"

gitpath="/srv/ikiwiki"
ikiwikiurl="http://$url/"
ikiwikidestdir="/srv/http/$url/"
ikiwikisrcdir="/srv/ikiwiki"
ikiwikisecurepath="/srv/https/secure.$url/"
ikiwikisecureurl="https://secure.$url/"
adminemail="some.jerk@$url"

(
echo    "[piny]"
echo -e "\tikiwikiurl = $ikiwikiurl"
echo -e "\tikiwikidestdir = $ikiwikidestdir"
echo -e "\tikiwikisrcdir = $ikiwikisrcdir"
echo -e "\tikiwikisecurepath = $ikiwikisecurepath"
echo -e "\tikiwikisecureurl = $ikiwikisecureurl"
echo -e "\tadminemail = $adminemail"
) > /etc/piny-override.conf

mkdir -p "$ikiwikidestdir" "$ikiwikisrcdir" "$ikiwikisecurepath"/write "$ikiwikisecurepath"/read /etc/ikiwiki/piny /srv/rbin

# If you want to offer optional SSL:
# ln -s /srv/http/"$url" /srv/https/"$url"

cat /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key > /etc/ssl/private/secure."$url".pem

perl -pe s/piny.be/"$url"/g\;s/SSLCertificateChainFile.+//g < /etc/apache2/sites-available/piny > /etc/apache2/sites-available/piny-"$url"

perl -pe 's/^(    Listen 443)$/    NameVirtualHost *:443\n\1/' < /etc/apache2/ports.conf | sponge /etc/apache2/ports.conf

a2dissite piny
a2ensite piny-"$url"

# cgit
# available prebuilt for amd64 and i386: http://debian.stbuehler.de/debian/pool/main/binary/
# normally sort of a pain to build due to the git developers failing to maintain a stable interface
perl -pe s/piny.be/"$url"/g < /etc/cgitrc | sponge /etc/cgitrc

# pinyshell
perl -pe 's|USERGROUPS=yes|USERGROUPS=no|' < /etc/adduser.conf | sponge /etc/adduser.conf 
for i in $(awk -F: '$4 >= 1000 && $4 < 65534 {print $1}' < /etc/passwd); do adduser $i users; done
# or find some other way to fix the /etc/sudoers.d/piny situation; it would be nice if sudo supported gid ranges

ln -sv /usr/bin/addaccess \
/usr/bin/appendkeys \
/usr/bin/lsaccess \
/usr/bin/lsrepo \
/usr/bin/pinyconfig \
/usr/bin/pinyhelp \
/usr/bin/readkeys \
/usr/bin/rebuildrepo \
/usr/bin/rmaccess \
/usr/bin/rmrepo \
/usr/bin/writekeys \
/usr/bin/git-receive-pack \
/usr/bin/git-upload-archive \
/usr/bin/git-upload-pack \
/usr/bin/git-shell \
/usr/bin/passwd \
/srv/rbin

ln -sv /usr/bin/newrepo /srv/rbin # enables creation of new repositories from piny shell accounts
ln -sv /usr/bin/newuser /srv/rbin # enables creation of new piny shell accounts from piny shell accounts

# git-daemon
apt-get install git-daemon-sysvinit
perl -pe 's|GIT_DAEMON_ENABLE=false|GIT_DAEMON_ENABLE=true|;s|GIT_DAEMON_DIRECTORY=/var/cache/git|GIT_DAEMON_DIRECTORY=/srv/git|;' < /etc/default/git-daemon | sponge /etc/default/git-daemon
echo 'GIT_DAEMON_BASE_PATH=/srv/git' >> /etc/default/git-daemon
/etc/init.d/git-daemon restart