Matthias Andreas Benkard | 7b2a3a1 | 2021-08-16 10:57:25 +0200 | [diff] [blame] | 1 | #!/bin/bash |
| 2 | set -e |
| 3 | |
| 4 | until dig +short mailcow.email > /dev/null; do |
| 5 | echo "Waiting for DNS..." |
| 6 | sleep 1 |
| 7 | done |
| 8 | |
| 9 | until nc phpfpm 9001 -z; do |
| 10 | echo "Waiting for PHP on port 9001..." |
| 11 | sleep 3 |
| 12 | done |
| 13 | |
| 14 | until nc phpfpm 9002 -z; do |
| 15 | echo "Waiting for PHP on port 9002..." |
| 16 | sleep 3 |
| 17 | done |
| 18 | |
| 19 | # Wait for MySQL to warm-up |
| 20 | while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do |
| 21 | echo "Waiting for database to come up..." |
| 22 | sleep 2 |
| 23 | done |
| 24 | |
| 25 | # We dont want to give global write access to ejabberd in this directory |
| 26 | chown -R root:root /var/www/authentication |
| 27 | |
| 28 | [ ! -f /sqlite/sqlite.db ] && cp /sqlite/sqlite_template.db /sqlite/sqlite.db |
| 29 | |
| 30 | [ ! -d /ejabberd_ssl ] && mkdir /ejabberd_ssl |
| 31 | cp /ssl/cert.pem /ejabberd_ssl/cert.pem |
| 32 | cp /ssl/key.pem /ejabberd_ssl/key.pem |
| 33 | |
| 34 | # Write access to upload directory and log file for authenticator |
| 35 | touch /var/www/authentication/auth.log |
| 36 | chown -R ejabberd:ejabberd /var/www/upload \ |
| 37 | /var/www/authentication/auth.log \ |
| 38 | /sqlite \ |
| 39 | /ejabberd_ssl |
| 40 | |
| 41 | # ACL file for vhosts, hosts file for vhosts |
| 42 | touch /ejabberd/ejabberd_acl.yml \ |
| 43 | /ejabberd/ejabberd_hosts.yml \ |
| 44 | /ejabberd/ejabberd_macros.yml |
| 45 | chmod 644 /ejabberd/ejabberd_acl.yml \ |
| 46 | /ejabberd/ejabberd_hosts.yml \ |
| 47 | /ejabberd/ejabberd_macros.yml |
| 48 | chown 82:82 /ejabberd/ejabberd_acl.yml \ |
| 49 | /ejabberd/ejabberd_hosts.yml |
| 50 | chown 82:82 /ejabberd |
| 51 | |
| 52 | cat <<EOF > /ejabberd/ejabberd_api.yml |
| 53 | # Autogenerated by mailcow |
| 54 | api_permissions: |
| 55 | "Reload by mailcow": |
| 56 | who: |
| 57 | - ip: "${IPV4_NETWORK}.0/24" |
| 58 | what: |
| 59 | - "reload_config" |
| 60 | - "restart" |
| 61 | - "list_certificates" |
| 62 | - "list_cluster" |
| 63 | - "join_cluster" |
| 64 | - "leave_cluster" |
| 65 | - "backup" |
| 66 | - "status" |
| 67 | - "stats" |
| 68 | - "muc_online_rooms" |
| 69 | EOF |
| 70 | |
| 71 | cat <<EOF > /ejabberd/ejabberd_macros.yml |
| 72 | # Autogenerated by mailcow |
| 73 | define_macro: |
| 74 | 'MAILCOW_HOSTNAME': "${MAILCOW_HOSTNAME}" |
| 75 | 'EJABBERD_HTTPS': ${XMPP_HTTPS_PORT} |
| 76 | EOF |
| 77 | |
| 78 | # Set open_basedir |
| 79 | sed -i 's/;open_basedir =/open_basedir = \/var\/www\/authentication/g' /etc/php7/php.ini |
| 80 | |
| 81 | sed -i "s/__DBUSER__/${DBUSER}/g" /var/www/authentication/vendor/leesherwood/ejabberd-php-auth/src/CommandExecutors/mailcowCommandExecutor.php |
| 82 | sed -i "s/__DBPASS__/${DBPASS}/g" /var/www/authentication/vendor/leesherwood/ejabberd-php-auth/src/CommandExecutors/mailcowCommandExecutor.php |
| 83 | sed -i "s/__DBNAME__/${DBNAME}/g" /var/www/authentication/vendor/leesherwood/ejabberd-php-auth/src/CommandExecutors/mailcowCommandExecutor.php |
| 84 | |
| 85 | # Run hooks |
| 86 | for file in /hooks/*; do |
| 87 | if [ -x "${file}" ]; then |
| 88 | echo "Running hook ${file}" |
| 89 | "${file}" |
| 90 | fi |
| 91 | done |
| 92 | |
| 93 | alias ejabberdctl="su-exec ejabberd /home/ejabberd/bin/ejabberdctl --node ejabberd@${MAILCOW_HOSTNAME}" |
| 94 | |
| 95 | if [[ -z "$(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -B -e 'SELECT domain FROM domain WHERE xmpp = 1')" ]]; then |
| 96 | echo "No XMPP host configured, sleeping the sleep of the righteous, waiting for someone to wake me up..." |
| 97 | exec su-exec ejabberd tini -g -- sleep 365d |
| 98 | fi |
| 99 | |
| 100 | exec su-exec ejabberd tini -g -- /home/ejabberd/bin/ejabberdctl --node ejabberd@${MAILCOW_HOSTNAME} foreground |