Updated slycrm.in (added gdftp service and letsencrypt).

diff --git a/sources/slycrm.in/c3d/firstboot/scripts/04_setalternatives.sh b/sources/slycrm.in/c3d/firstboot/scripts/04_setalternatives.sh
new file mode 100755 (executable)
index 0000000..f7d7d5e
--- /dev/null
+++ b/sources/slycrm.in/c3d/firstboot/scripts/04_setalternatives.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+
+REAL_PATH=$(realpath $(dirname $0))
+DATA_PATH=$(realpath $REAL_PATH/../data)
+
+alternatives --list
+JRE18_PATH=$(alternatives --list | grep -w jre_1.8.0 | awk '{print $3}')
+alternatives --set java $JRE18_PATH/bin/java

diff --git a/sources/slycrm.in/c3d/firstboot/scripts/10_setupletsencrypt.sh b/sources/slycrm.in/c3d/firstboot/scripts/10_setupletsencrypt.sh
new file mode 100755 (executable)
index 0000000..4d80599
--- /dev/null
+++ b/sources/slycrm.in/c3d/firstboot/scripts/10_setupletsencrypt.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+
+if [ -d /etc/letsencrypt ]
+then
+    mv /etc/letsencrypt /etc/letsencrypt.orig
+fi
+/usr/local/bin/getletsencrypt.sh
+if [ $? -eq 0 ]
+then
+    echo '40 3 * * * root /usr/local/bin/getletsencrypt.sh' >>/etc/crontab
+fi

diff --git a/sources/slycrm.in/c3d/firstboot/scripts/90_setupservices.sh b/sources/slycrm.in/c3d/firstboot/scripts/90_setupservices.sh
index e66f3ff8fcfff9778392b31a2ff8172fbfd54379..86b7ed7706e5c7e3419a09b14e52c15654d4ee68 100755 (executable)
--- a/sources/slycrm.in/c3d/firstboot/scripts/90_setupservices.sh
+++ b/sources/slycrm.in/c3d/firstboot/scripts/90_setupservices.sh
@@ -1,10 +1,12 @@
 #!/bin/sh
 
 
-systemctl enable slycrm.service
-systemctl start slycrm.service
 systemctl enable NetworkManager-wait-online.service
 systemctl start NetworkManager-wait-online.service
+systemctl enable gdftp.service
+systemctl start gdftp.service
+systemctl enable slycrm.service
+systemctl start slycrm.service
 
 systemctl enable logrotate.timer
 systemctl start logrotate.timer

diff --git a/sources/slycrm.in/c3d/mode.txt b/sources/slycrm.in/c3d/mode.txt
index ec2daa3fa304e2134693dc2a2df14c1d0b08c10d..507117ba9a31ecaca89b6ec475a3e46a6b15302c 100644 (file)
--- a/sources/slycrm.in/c3d/mode.txt
+++ b/sources/slycrm.in/c3d/mode.txt
@@ -3,4 +3,5 @@
 600 postinstall/install-data/etc/ssh/ssh_host_*_key
 644 postinstall/install-data/etc/ssh/ssh_host_*_key.pub
 600 postinstall/install-data/etc/ssh/sshd_config.d/*.conf
+755 postinstall/install-data/usr/local/bin/*.sh
 755 postinstall/scripts/*.sh

diff --git a/sources/slycrm.in/c3d/postinstall/install-data/etc/systemd/system/gdftp.service b/sources/slycrm.in/c3d/postinstall/install-data/etc/systemd/system/gdftp.service
new file mode 100644 (file)
index 0000000..8250301
--- /dev/null
+++ b/sources/slycrm.in/c3d/postinstall/install-data/etc/systemd/system/gdftp.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=GDFTP
+
+[Service]
+User=root
+WorkingDirectory=/opt/slycrm/GDFTP
+ExecStart=java -DSLY-CRM-GDFTP -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5006 -Xmx2G -Xms1G -jar /opt/slycrm/GDFTP/google-drive-ftp-adapter-1.6.2-jar-with-dependencies.jar
+# optional items below
+Restart=always
+RestartSec=3
+
+[Install]
+WantedBy=multi-user.target

diff --git a/sources/slycrm.in/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh b/sources/slycrm.in/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh
new file mode 100755 (executable)
index 0000000..ae61704
--- /dev/null
+++ b/sources/slycrm.in/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh
@@ -0,0 +1,103 @@
+#!/bin/sh
+
+
+# cases are:
+# 1: /etc/letsencrypt does not exist
+# 2: /etc/letsencrypt exists
+# 2.1: /etc/letsencrypt.staging does not exist
+# 2.1.1: /etc/letsencrypt.from-pki differs from /etc/letsencrypt
+# 2.1.2: /etc/letsencrypt.from-pki is the same as /etc/letsencrypt
+# 2.2: /etc/letsencrypt.staging exists
+# 2.2.1: /etc/letsencrypt.from-pki differs from /etc/letsencrypt.staging
+# 2.2.2: /etc/letsencrypt.from-pki is the same as /etc/letsencrypt.staging
+
+
+LE_DIRECTORY=/etc/letsencrypt
+LE_FP_DIRECTORY=${LE_DIRECTORY}.from-pki
+LE_OLD_DIRECTORY=${LE_DIRECTORY}.old
+LE_STAGING_DIRECTORY=${LE_DIRECTORY}.staging
+
+CERTBOT_DIR=/etc/letsencrypt/live/useribm
+CERT_FILE=$CERTBOT_DIR/cert.pem
+KEY_FILE=$CERTBOT_DIR/privkey.pem
+P12_FILE=/opt/slycrm/certificate1.p12
+
+
+rm --force --recursive $LE_FP_DIRECTORY
+echo "getting letsencrypt directory from pki"
+/usr/bin/rsync \
+    --archive \
+    --delete-after \
+    --info=STATS \
+    pki.in.useribm.hu::letsencrypt \
+    $LE_FP_DIRECTORY
+if [ $? -ne 0 ]
+then
+    echo "cannot get letsencrypt directory from pki"
+    rm --force --recursive $LE_FP_DIRECTORY
+    exit 1
+fi
+
+if [ -d $LE_DIRECTORY ]
+then
+    # case 2
+    echo "$LE_DIRECTORY exists"
+    if [ -d $LE_STAGING_DIRECTORY ]
+    then
+        # case 2.2
+        echo "  $LE_STAGING_DIRECTORY exists"
+        diff --brief --recursive $LE_FP_DIRECTORY $LE_STAGING_DIRECTORY
+        DIFFERS=$?
+        if [ $DIFFERS -eq 0 ]
+        then
+            # case 2.2.2
+            echo "    $LE_FP_DIRECTORY the same as $LE_STAGING_DIRECTORY"
+            echo "    moving $LE_STAGING_DIRECTORY to $LE_DIRECTORY"
+            rm --force --recursive $LE_FP_DIRECTORY
+            rm --force --recursive $LE_OLD_DIRECTORY
+            mv $LE_DIRECTORY $LE_OLD_DIRECTORY
+            mv $LE_STAGING_DIRECTORY $LE_DIRECTORY
+            openssl pkcs12 -export \
+                           -in $CERT_FILE \
+                           -inkey $KEY_FILE \
+                           -out $P12_FILE \
+                           -name slycrm \
+                           -passout pass:password
+            systemctl restart slycrm.service
+        else
+            # case 2.2.1
+            echo "    $LE_FP_DIRECTORY differs from $LE_STAGING_DIRECTORY"
+            echo "    moving $LE_FP_DIRECTORY to $LE_STAGING_DIRECTORY"
+            rm --force --recursive $LE_STAGING_DIRECTORY
+            mv $LE_FP_DIRECTORY $LE_STAGING_DIRECTORY
+        fi
+    else
+        # case 2.1
+        echo "  $LE_STAGING_DIRECTORY does not exist"
+        diff --brief --recursive $LE_FP_DIRECTORY $LE_DIRECTORY
+        DIFFERS=$?
+        if [ $DIFFERS -eq 0 ]
+        then
+            # case 2.1.2
+            echo "    $LE_FP_DIRECTORY is the same as $LE_DIRECTORY"
+            echo "    removing $LE_FP_DIRECTORY"
+            rm --force --recursive $LE_FP_DIRECTORY
+        else
+            # case 2.1.1
+            echo "    $LE_FP_DIRECTORY differs from $LE_DIRECTORY"
+            echo "    moving $LE_FP_DIRECTORY to $LE_STAGING_DIRECTORY"
+            mv $LE_FP_DIRECTORY $LE_STAGING_DIRECTORY
+        fi
+    fi
+else
+    # case 1
+    echo "$LE_DIRECTORY does not exist"
+    echo "moving $LE_FP_DIRECTORY to $LE_DIRECTORY"
+    mv $LE_FP_DIRECTORY $LE_DIRECTORY
+    openssl pkcs12 -export \
+                   -in $CERT_FILE \
+                   -inkey $KEY_FILE \
+                   -out $P12_FILE \
+                   -name slycrm \
+                   -passout pass:password
+fi

diff --git a/sources/slycrm.in/c3d/postinstall/scripts/10_setupservices.sh b/sources/slycrm.in/c3d/postinstall/scripts/10_setupservices.sh
index e32d79437bbd27db5122b0d291b7c30f1e68e1f4..1b252931d4247a973856778774720ab64163d913 100755 (executable)
--- a/sources/slycrm.in/c3d/postinstall/scripts/10_setupservices.sh
+++ b/sources/slycrm.in/c3d/postinstall/scripts/10_setupservices.sh
@@ -1,6 +1,7 @@
 #!/bin/sh
 
 
+systemctl disable gdftp.service
 systemctl disable slycrm.service
 systemctl disable NetworkManager-wait-online.service
 

diff --git a/sources/slycrm.in/envvars b/sources/slycrm.in/envvars
index eed3da3615d99a1b780afc5cbdec3be4e630039a..f775e090faff579a37c4de5f379d58bd1ef248b1 100644 (file)
--- a/sources/slycrm.in/envvars
+++ b/sources/slycrm.in/envvars
@@ -1,10 +1,11 @@
 DISTRIBUTION=Fedora
 DISTRIBUTION_VERSION=41
-SPEC_PACKAGES="java-1.8.0-openjdk-headless \
-               java-11-openjdk-headless \
-               java-17-openjdk-headless \
-               java-latest-openjdk-headless \
+SPEC_PACKAGES="cronie \
+               java-1.8.0-openjdk-headless \
+               java-21-openjdk-headless \
                mc \
                openssh-clients \
                openssh-server \
+               openssl \
+               rsync \
                sudo"