install/mattermost
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

install-mattermost.sh: add support for postgreSQL.

Browse Source
This commit is contained in:
Christoph
2024-09-23 15:30:09 +02:00
parent ef78057ee0
commit ea7d6ba2a6
1 changed files with 518 additions and 136 deletions
Download Patch File Download Diff File Expand all files Collapse all files

422
install-mattermost.sh
View File

@@ -205,6 +205,8 @@ DEFAULT_MATTERMOST_USER="mattermost"
DEFAULT_DB_NAME="mattermost" DEFAULT_DB_NAME="mattermost"
DEFAULT_DB_USER="mattermost" DEFAULT_DB_USER="mattermost"
DEFAUTL_DB_TYPE="psql"
# generate random password # generate random password
regexp_digit="([23456789].*){2}" regexp_digit="([23456789].*){2}"
regexp_special_char="([-_%+].*){2}" regexp_special_char="([-_%+].*){2}"
@@ -242,6 +244,22 @@ fi
[[ -n "$FQHN_HOSTNAME" ]] && DEFAULT_FQHN_HOSTNAME="$FQHN_HOSTNAME" [[ -n "$FQHN_HOSTNAME" ]] && DEFAULT_FQHN_HOSTNAME="$FQHN_HOSTNAME"
if [[ -n "$DB_TYPE" ]] ; then
if [[ "${DB_TYPE,,}" = "postgres" ]] || [[ "${DB_TYPE,,}" = "postgresql" ]] || [[ "${DB_TYPE,,}" = "pgsql" ]] || [[ "${DB_TYPE,,}" = "psql" ]] ; then
DEFAULT_DB_TYPE=pgsql
elif [[ "${DB_TYPE,,}" = "mysql" ]] ; then
DEFAULT_DB_TYPE=mysql
else
fatal "Wrong or empty Database Type (DB_TYPE) - must be 'mysql' or 'pgsql'."
fi
else
DEFAULT_DB_TYPE=pgsql
fi
[[ -n "$DB_NAME" ]] && DEFAULT_DB_NAME="$DB_NAME" [[ -n "$DB_NAME" ]] && DEFAULT_DB_NAME="$DB_NAME"
[[ -n "$DB_USER" ]] && DEFAULT_DB_NAME="$DB_USER" [[ -n "$DB_USER" ]] && DEFAULT_DB_NAME="$DB_USER"
[[ -n "$DB_PASS" ]] && DEFAULT_DB_PASS="$DB_PASS" [[ -n "$DB_PASS" ]] && DEFAULT_DB_PASS="$DB_PASS"
@@ -344,6 +362,45 @@ do
done done
DB_TYPE=""
echo ""
echo -e "\033[32m--\033[m"
echo ""
echo "Choose Database Type"
echo ""
if [[ "$DEFAULT_DB_TYPE" = "mysql" ]]; then
echo -e "\033[3G\033[37m\033[1m[1] MySQL\033[m"
else
echo -e "\033[3G[1] MySQL"
fi
if [[ "$DEFAULT_DB_TYPE" = "pgsql" ]] ; then
echo -e "\033[3G[2] \033[37m\033[1mPostgeSQL\033[m"
else
echo -e "\033[3G[2] PostgeSQL"
fi
echo ""
echo "Type a number or press <RETURN> to choose highlighted value"
echo ""
echononl "Eingabe: "
while [ "$DB_TYPE" != "mysql" -a "$DB_TYPE" != "pgsql" ]; do
read OPTION
case $OPTION in
1)
DB_TYPE="mysql"
;;
2)
DB_TYPE="pgsql"
;;
'') DB_TYPE=$DEFAULT_DB_TYPE
;;
*)
echo ""
echo -e "\033[3GFalsche Eingabe ! [ 1 = MySQL ; 2 = PostgreSQL ] or type <RETURN>"
echo ""
echononl "Eingabe: "
;;
esac
done
DB_NAME= DB_NAME=
@@ -418,7 +475,7 @@ else
done done
fi fi
if [[ "$DB_TYPE" = "mysql" ]] ; then
if [[ -n "$MYSQL_CREDENTIAL_ARGS" ]] ; then if [[ -n "$MYSQL_CREDENTIAL_ARGS" ]] ; then
if ! $(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e 'quit' > /dev/null 2>&1) ; then if ! $(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e 'quit' > /dev/null 2>&1) ; then
fatal "Parameter MYSQL_CREDENTIAL_ARGS is given, but a connection to MySQL Service failed.!" fatal "Parameter MYSQL_CREDENTIAL_ARGS is given, but a connection to MySQL Service failed.!"
@@ -453,7 +510,7 @@ else
fi fi
done done
fi fi
fi
echo "" echo ""
@@ -469,12 +526,20 @@ echo -e "\tMattermost user..........: $MATTERMOST_USER"
echo -e "\tMattermost group.........: $MATTERMOST_GROUP" echo -e "\tMattermost group.........: $MATTERMOST_GROUP"
echo "" echo ""
echo "" echo ""
if [[ "${DB_TYPE}" = "pgsql" ]] ; then
echo -e "\tDatabase Type............: PostgreSQL"
else
echo -e "\tDatabase Type............: MySQL"
fi
echo ""
if [[ "${DB_TYPE}" = "mysql" ]]; then
if $USE_MYSQL_CREDENTIAL_ARGS ; then if $USE_MYSQL_CREDENTIAL_ARGS ; then
echo -e "\tMYSQL_CREDENTIAL_ARGS....: $MYSQL_CREDENTIAL_ARGS" echo -e "\tMYSQL_CREDENTIAL_ARGS....: $MYSQL_CREDENTIAL_ARGS"
else else
echo -e "\tRoot password MySQL......: **" echo -e "\tRoot password MySQL......: **"
fi fi
echo "" echo ""
fi
echo -e "\tDatabase Name............: $DB_NAME" echo -e "\tDatabase Name............: $DB_NAME"
echo -e "\tDatabase User............: $DB_USER" echo -e "\tDatabase User............: $DB_USER"
echo -e "\tDatabase Password........: $DB_PASS" echo -e "\tDatabase Password........: $DB_PASS"
@@ -519,9 +584,19 @@ if $nginx_installed ; then
echo -e "\033[85G[ \033[32mYES\033[m ]" echo -e "\033[85G[ \033[32mYES\033[m ]"
else else
echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]" echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
fi fi
_failed=false _failed=false
if [[ "${DB_TYPE}" = "mysql" ]]; then
echononl "Check if MySQL Database Service is installed.." echononl "Check if MySQL Database Service is installed.."
if $(dpkg -s mysql-server > "$log_file" 2>&1) ; then if $(dpkg -s mysql-server > "$log_file" 2>&1) ; then
mysql_server_installed=true mysql_server_installed=true
@@ -532,6 +607,37 @@ if $mysql_server_installed ; then
echo -e "\033[85G[ \033[32mYES\033[m ]" echo -e "\033[85G[ \033[32mYES\033[m ]"
else else
echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]" echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
fi
else
echononl "Check if PostgreSQL Database Service is installed.."
if $(dpkg -s postgresql > "$log_file" 2>&1) ; then
postgresql_server_installed=true
else
postgresql_server_installed=false
fi
if $postgresql_server_installed ; then
echo -e "\033[85G[ \033[32mYES\033[m ]"
else
echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
fi
fi fi
@@ -603,7 +709,9 @@ fi
blank_line blank_line
echononl "Create Database User '${DB_USER}' with Password '${DB_PASS}'.."
if [[ "${DB_TYPE}" = "mysql" ]] ; then
echononl "Create MySQL Database User '${DB_USER}' with Password '${DB_PASS}'.."
if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \ if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \
"SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = '$DB_USER')" 2>/dev/null)" = 1 ]]; then "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = '$DB_USER')" 2>/dev/null)" = 1 ]]; then
echo_skipped echo_skipped
@@ -618,7 +726,7 @@ else
fi fi
fi fi
echononl "Create Database '${DB_NAME}'.." echononl "Create MySQL Database '${DB_NAME}'.."
if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \ if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \
"SHOW DATABASES LIKE '${DB_NAME}'" 2>/dev/null)" = "${DB_NAME}" ]]; then "SHOW DATABASES LIKE '${DB_NAME}'" 2>/dev/null)" = "${DB_NAME}" ]]; then
@@ -652,6 +760,149 @@ if [[ $? -ne 0 ]]; then
else else
echo_ok echo_ok
fi fi
else
# Check if PostgreSQL database '$DB_NAME' exists ..
#
count=$(su - postgres -c "psql -q -A -t -l" | grep -c -e "^$DB_NAME")
if [[ $count -eq 0 ]];then
database_exists=false
else
database_exists=true
fi
# sudo -u postgres psql -c "CREATE DATABASE ${DB_NAME};" > $log_file 2>&1
# sudo -u postgres psql -c "CREATE USER ${DB_USER} WITH PASSWORD '${DB_PASS}';" > $log_file 2>&1
# sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE ${DB_NAME} to ${DB_USER};" > $log_file 2>&1
# sudo -u postgres psql -c "ALTER DATABASE ${DB_NAME} OWNER TO ${DB_USER};" > $log_file 2>&1
# sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${DB_USER};" > $log_file 2>&1
echononl "Create PostgreSQL database '${DB_NAME}'.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "CREATE DATABASE ${DB_NAME};" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
echononl "Create PostgreSQL database user ${DB_USER}.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "CREATE USER ${DB_USER} WITH PASSWORD '${DB_PASS}';" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
echononl "Grant the user access to the Mattermost database.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE ${DB_NAME} to ${DB_USER};" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
echononl "Change the owner of database '${DB_NAME}' to '${DB_USER}'.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "ALTER DATABASE ${DB_NAME} OWNER TO ${DB_USER};" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
echononl "Grant access to objects contained in the specified schema.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${DB_USER};" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
fi
echo echo
@@ -756,6 +1007,7 @@ echo -e "\033[37m\033[1mConfigure Mattermost - file '/opt/mattermost/config/conf
echo echo
echononl "Set up 'SqlSettings'.." echononl "Set up 'SqlSettings'.."
if [[ "${DB_TYPE}" = "mysql" ]] ; then
if ! $(grep -q -E "^\s*\"DriverName\":\s+mysql" /opt/mattermost/config/config.json 2> "$log_file") ; then if ! $(grep -q -E "^\s*\"DriverName\":\s+mysql" /opt/mattermost/config/config.json 2> "$log_file") ; then
_found=false _found=false
@@ -799,9 +1051,56 @@ EOF
else else
echo_skipped echo_skipped
fi fi
else
if ! $(grep -q -E "^\s*\"DriverName\":\s+postgres" /opt/mattermost/config/config.json 2> "$log_file") ; then
_found=false
:> ${LOCK_DIR}/config.json
:> $log_file
while IFS='' read -r _line || [[ -n $_line ]] ; do
if $_found && echo "$_line" | grep -iq -E "^\s*\"DriverName\":" 2> /dev/null ; then
cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
"DriverName": "postgres",
EOF
elif $_found && echo "$_line" | grep -iq -E "^\s*\"DataSource\":" 2> /dev/null ; then
cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
"DataSource": "postgres://${DB_USER}:${DB_PASS}@localhost:5432/${DB_NAME}?sslmode=disable\\u0026connect_timeout=100s",
EOF
else
echo "$_line" >> ${LOCK_DIR}/config.json 2> "$log_file"
fi
if ! $_found && echo "$_line" | grep -iq -E "^\s*\"SqlSettings\"" 2> /dev/null ; then
_found=true
fi
if $_found && echo "$_line" | grep -iq -E "^\s*\}," 2> /dev/null ; then
_found=false
fi
done < "/opt/mattermost/config/config.json"
cp -a "${LOCK_DIR}/config.json" /opt/mattermost/config/config.json >> "$log_file" 2>&1
if [[ -s "$log_file" ]] ; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
:
fi
echononl "Set up 'ServiceSettings'.." echononl "Set up 'ServiceSettings'.."
if ! $(grep -q -E "^\s*\"DriverName\":\s+mysql" /opt/mattermost/config/config.json 2> "$log_file") ; then if ! $(grep -q -E "^\s*\"SiteURL\":\s+\"https://${FQHN_HOSTNAME}\"" /opt/mattermost/config/config.json 2> "$log_file") ; then
_found=false _found=false
:> ${LOCK_DIR}/config.json :> ${LOCK_DIR}/config.json
@@ -861,6 +1160,7 @@ echo -e "\033[37m\033[1mSetup Mattermost to use systemd for starting and stoppin
echo echo
echononl "Create a systemd unit file.." echononl "Create a systemd unit file.."
if [[ "${DB_TYPE}" = "mysql" ]] ; then
cat <<EOF > /etc/systemd/system//mattermost.service 2>"$log_file" cat <<EOF > /etc/systemd/system//mattermost.service 2>"$log_file"
[Unit] [Unit]
Description=Mattermost Description=Mattermost
@@ -872,6 +1172,7 @@ Requires=mysql.service
Type=notify Type=notify
ExecStart=/opt/mattermost/bin/mattermost ExecStart=/opt/mattermost/bin/mattermost
TimeoutStartSec=3600 TimeoutStartSec=3600
KillMode=mixed
Restart=always Restart=always
RestartSec=10 RestartSec=10
WorkingDirectory=/opt/mattermost WorkingDirectory=/opt/mattermost
@@ -888,6 +1189,35 @@ if [[ -s "$log_file" ]] ; then
else else
echo_ok echo_ok
fi fi
else
cat <<EOF > /etc/systemd/system//mattermost.service 2>"$log_file"
[Unit]
Description=Mattermost
After=network.target
[Service]
Type=notify
ExecStart=/opt/mattermost/bin/mattermost
TimeoutStartSec=3600
KillMode=mixed
Restart=always
RestartSec=10
WorkingDirectory=/opt/mattermost
User=mattermost
Group=mattermost
LimitNOFILE=49152
[Install]
WantedBy=multi-user.target
EOF
if [[ -s "$log_file" ]] ; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
echononl "Make systemd load the new unit.." echononl "Make systemd load the new unit.."
@@ -964,6 +1294,8 @@ server {
server_name ${FQHN_HOSTNAME}; server_name ${FQHN_HOSTNAME};
http2_push_preload on; # Enable HTTP/2 Server Push
# Include location directive for Let's Encrypt ACME Challenge # Include location directive for Let's Encrypt ACME Challenge
# #
# Needed for (automated) updating certificate # Needed for (automated) updating certificate
@@ -983,22 +1315,26 @@ server {
# #
ssl_dhparam /etc/nginx/ssl/dhparam.pem; ssl_dhparam /etc/nginx/ssl/dhparam.pem;
# Eable session resumption to improve https performance # Enable TLS versions (TLSv1.3 is required upcoming HTTP/3 QUIC).
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 10m;
ssl_session_tickets off;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # omit SSLv3 because of POODLE
# omit SSLv3 because of POODLE
# omit TLSv1 TLSv1.1
ssl_protocols TLSv1.2 TLSv1.3; ssl_protocols TLSv1.2 TLSv1.3;
# Enable TLSv1.3's 0-RTT. Use \$ssl_early_data when reverse proxying to
# prevent replay attacks.
#
# @see: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_early_data
ssl_early_data on;
# ECDHE better than DHE (faster) ECDHE & DHE GCM better than CBC (attacks on AES) # ECDHE better than DHE (faster) ECDHE & DHE GCM better than CBC (attacks on AES)
# Everything better than SHA1 (deprecated) # Everything better than SHA1 (deprecated)
# #
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
# Eable session resumption to improve https performance
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 10m;
ssl_session_tickets off;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months) # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
# #
add_header Strict-Transport-Security max-age=15768000; add_header Strict-Transport-Security max-age=15768000;
@@ -1008,11 +1344,13 @@ server {
ssl_stapling on; ssl_stapling on;
ssl_stapling_verify on; ssl_stapling_verify on;
location ~ /api/v[0-9]+/(users/)?websocket$ { add_header X-Early-Data \$tls1_3_early_data;
location ~ /api/v[0-9]+/(users/)?websocket\$ {
proxy_set_header Upgrade \$http_upgrade; proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
client_max_body_size 50M; client_max_body_size 50M;
proxy_set_header Host \$http_host; proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme; proxy_set_header X-Forwarded-Proto \$scheme;
@@ -1020,18 +1358,19 @@ server {
proxy_buffers 256 16k; proxy_buffers 256 16k;
proxy_buffer_size 16k; proxy_buffer_size 16k;
client_body_timeout 60; client_body_timeout 60;
send_timeout 300; send_timeout 300s;
lingering_timeout 5; lingering_timeout 5;
proxy_connect_timeout 90; proxy_connect_timeout 90s;
proxy_send_timeout 300; proxy_send_timeout 300s;
proxy_read_timeout 90s; proxy_read_timeout 90s;
proxy_http_version 1.1;
proxy_pass http://mm_backend; proxy_pass http://mm_backend;
} }
location / { location / {
client_max_body_size 50M; client_max_body_size 100M;
proxy_set_header Connection ""; proxy_set_header Connection "";
proxy_set_header Host \$http_host; proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme; proxy_set_header X-Forwarded-Proto \$scheme;
@@ -1049,6 +1388,14 @@ server {
} }
} }
# This block is useful for debugging TLS v1.3. Please feel free to remove this
# and use the '\$ssl_early_data' variable exposed by NGINX directly should you
# wish to do so.
map \$ssl_early_data \$tls1_3_early_data {
"~." \$ssl_early_data;
default "";
}
EOF EOF
if [[ $? -ne 0 ]]; then if [[ $? -ne 0 ]]; then
echo_failed echo_failed
@@ -1203,6 +1550,41 @@ EOF
fi fi
_key="DB_TYPE"
_val="$DB_TYPE"
echononl "Update Parameter '$_key'.."
if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then
echo_skipped
elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF >> "$conf_file" 2> "$log_file"
${_key}=${_val}
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
_key="DB_NAME" _key="DB_NAME"
_val="$DB_NAME" _val="$DB_NAME"
echononl "Update Parameter '$_key'.." echononl "Update Parameter '$_key'.."