isabelle: src/Pure/Tools/phabricator.scala@cfcc1a2233ca (annotated)

70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	1	/* Title: Pure/Tools/phabricator.scala
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	2	Author: Makarius
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	3
71068 510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	4	Support for Phabricator server, notably for Ubuntu 18.04 LTS.
510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	5
510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	6	See also:
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	7	- https://www.phacility.com/phabricator
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	8	- https://secure.phabricator.com/book/phabricator
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	9	*/
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	10
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	11	package isabelle
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	12
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	13
70969 a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	14	import scala.util.matching.Regex
a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	15
a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	16
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	17	object Phabricator
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	18	{
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	19	/ defaults /
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	20
71049 f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	21	/* required packages */
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	22
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	23	val packages: List[String] =
71265 6ca561001244 support for pwgen; wenzelm parents: 71135 diff changeset	24	Build_Docker.packages ::: Linux.packages :::
71049 f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	25	List(
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	26	// https://secure.phabricator.com/source/phabricator/browse/master/scripts/install/install_ubuntu.sh 15e6e2adea61
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	27	"git", "mysql-server", "apache2", "libapache2-mod-php", "php", "php-mysql",
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	28	"php-gd", "php-curl", "php-apcu", "php-cli", "php-json", "php-mbstring",
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	29	// more packages
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	30	"php-zip", "python-pygments", "ssh", "subversion",
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	31	// mercurial build packages
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	32	"make", "gcc", "python", "python-dev", "python-docutils", "python-pygments", "python-openssl")
71049 f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	33
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	34
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	35	/* global system resources */
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	36
71068 510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	37	val www_user = "www-data"
510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	38
71049 f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	39	val daemon_user = "phabricator"
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	40
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	41	val sshd_config = Path.explode("/etc/ssh/sshd_config")
71049 f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	42
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	43
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	44	/* installation parameters */
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	45
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	46	val default_name = "vcs"
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	47
71052 6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	48	def phabricator_name(name: String = "", ext: String = ""): String =
6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	49	"phabricator" + (if (name.isEmpty) "" else "-" + name) + (if (ext.isEmpty) "" else "." + ext)
6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	50
6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	51	def isabelle_phabricator_name(name: String = "", ext: String = ""): String =
6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	52	"isabelle-" + phabricator_name(name = name, ext = ext)
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	53
71068 510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	54	def default_root(name: String): Path =
510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	55	Path.explode("/var/www") + Path.basic(phabricator_name(name = name))
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	56
71068 510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	57	def default_repo(name: String): Path = default_root(name) + Path.basic("repo")
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	58
71072 22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	59	val default_mailers: Path = Path.explode("mailers.json")
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	60
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	61	val default_system_port = 22
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	62	val alternative_system_port = 222
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	63	val default_server_port = 2222
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	64
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	65	val standard_mercurial_source = "https://www.mercurial-scm.org/release/mercurial-5.2.1.tar.gz"
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	66
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	67
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	68
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	69	/ global configuration /
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	70
71052 6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	71	val global_config = Path.explode("/etc/" + isabelle_phabricator_name(ext = "conf"))
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	72
71122 730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	73	def global_config_script(
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	74	init: String = "",
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	75	body: String = "",
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	76	exit: String = ""): String =
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	77	{
71282 de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	78	"""#!/bin/bash
de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	79
71122 730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	80	{""" + (if (init.nonEmpty) "\n" + Library.prefix_lines(" ", init) else "") + """
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	81	while { unset REPLY; read -r; test "$?" = 0 -o -n "$REPLY"; }
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	82	do
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	83	NAME="$(echo "$REPLY" \| cut -d: -f1)"
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	84	ROOT="$(echo "$REPLY" \| cut -d: -f2)"
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	85	""" + Library.prefix_lines(" ", body) + """
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	86	done""" +
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	87	(if (exit.nonEmpty) "\n" + Library.prefix_lines(" ", exit) else "") + """
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	88	} < """ + File.bash_path(global_config) + """
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	89	"""
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	90	}
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	91
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	92	sealed case class Config(name: String, root: Path)
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	93	{
71052 6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	94	def home: Path = root + Path.explode(phabricator_name())
70969 a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	95
a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	96	def execute(command: String): Process_Result =
71102 3d228a3a88e0 tuned; wenzelm parents: 71101 diff changeset	97	Isabelle_System.bash("bin/" + command, cwd = home.file, redirect = true).check
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	98	}
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	99
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	100	def read_config(): List[Config] =
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	101	{
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	102	if (global_config.is_file) {
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	103	for (entry <- Library.trim_split_lines(File.read(global_config)) if entry.nonEmpty)
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	104	yield {
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	105	space_explode(':', entry) match {
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	106	case List(name, root) => Config(name, Path.explode(root))
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	107	case _ => error("Malformed config file " + global_config + "\nentry " + quote(entry))
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	108	}
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	109	}
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	110	}
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	111	else Nil
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	112	}
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	113
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	114	def write_config(configs: List[Config])
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	115	{
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	116	File.write(global_config,
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	117	configs.map(config => config.name + ":" + config.root.implode).mkString("", "\n", "\n"))
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	118	}
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	119
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	120	def get_config(name: String): Config =
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	121	read_config().find(config => config.name == name) getOrElse
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	122	error("Bad Isabelle/Phabricator installation " + quote(name))
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	123
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	124
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	125
71097 d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	126	/ command-line tools /
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	127
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	128	/* Isabelle tool wrapper */
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	129
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	130	val isabelle_tool1 =
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	131	Isabelle_Tool("phabricator", "invoke command-line tool within Phabricator home directory", args =>
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	132	{
71101 67c2fed5b0e9 more options; wenzelm parents: 71098 diff changeset	133	var list = false
71097 d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	134	var name = default_name
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	135
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	136	val getopts =
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	137	Getopts("""
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	138	Usage: isabelle phabricator [OPTIONS] COMMAND [ARGS...]
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	139
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	140	Options are:
71101 67c2fed5b0e9 more options; wenzelm parents: 71098 diff changeset	141	-l list available Phabricator installations
71097 d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	142	-n NAME Phabricator installation name (default: """ + quote(default_name) + """)
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	143
71103 c073c4e79518 more documentation; wenzelm parents: 71102 diff changeset	144	Invoke a command-line tool within the home directory of the named
c073c4e79518 more documentation; wenzelm parents: 71102 diff changeset	145	Phabricator installation.
71097 d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	146	""",
71101 67c2fed5b0e9 more options; wenzelm parents: 71098 diff changeset	147	"l" -> (_ => list = true),
71097 d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	148	"n:" -> (arg => name = arg))
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	149
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	150	val more_args = getopts(args)
71101 67c2fed5b0e9 more options; wenzelm parents: 71098 diff changeset	151	if (more_args.isEmpty && !list) getopts.usage()
71097 d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	152
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	153	val progress = new Console_Progress
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	154
71101 67c2fed5b0e9 more options; wenzelm parents: 71098 diff changeset	155	if (list) {
67c2fed5b0e9 more options; wenzelm parents: 71098 diff changeset	156	for (config <- read_config()) {
71103 c073c4e79518 more documentation; wenzelm parents: 71102 diff changeset	157	progress.echo("phabricator " + quote(config.name) + " root " + config.root)
71101 67c2fed5b0e9 more options; wenzelm parents: 71098 diff changeset	158	}
67c2fed5b0e9 more options; wenzelm parents: 71098 diff changeset	159	}
71276 b4401dfd6544 clarified "isabelle phabricator -l": avoid surprise with non-existent default installation; wenzelm parents: 71274 diff changeset	160	else {
b4401dfd6544 clarified "isabelle phabricator -l": avoid surprise with non-existent default installation; wenzelm parents: 71274 diff changeset	161	val config = get_config(name)
b4401dfd6544 clarified "isabelle phabricator -l": avoid surprise with non-existent default installation; wenzelm parents: 71274 diff changeset	162	val result = progress.bash(Bash.strings(more_args), cwd = config.home.file, echo = true)
b4401dfd6544 clarified "isabelle phabricator -l": avoid surprise with non-existent default installation; wenzelm parents: 71274 diff changeset	163	if (!result.ok) error("Return code: " + result.rc.toString)
b4401dfd6544 clarified "isabelle phabricator -l": avoid surprise with non-existent default installation; wenzelm parents: 71274 diff changeset	164	}
71097 d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	165	})
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	166
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	167
d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	168
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	169	/ setup /
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	170
71049 f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	171	def user_setup(name: String, description: String, ssh_setup: Boolean = false)
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	172	{
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	173	if (!Linux.user_exists(name)) {
71054 b64fc38327ae prefer system user setup, e.g. avoid occurrence on login screen; wenzelm parents: 71053 diff changeset	174	Linux.user_add(name, description = description, system = true, ssh_setup = ssh_setup)
71049 f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	175	}
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	176	else if (Linux.user_description(name) != description) {
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	177	error("User " + quote(name) + " already exists --" +
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	178	" for Phabricator it should have the description:\n " + quote(description))
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	179	}
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	180	}
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	181
71282 de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	182	def command_setup(name: String,
de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	183	init: String = "",
de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	184	body: String = "",
de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	185	exit: String = ""): Path =
71270 3184dbad4d7d tuned; wenzelm parents: 71269 diff changeset	186	{
3184dbad4d7d tuned; wenzelm parents: 71269 diff changeset	187	val command = Path.explode("/usr/local/bin") + Path.basic(name)
71282 de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	188	File.write(command, global_config_script(init = init, body = body, exit = exit))
71270 3184dbad4d7d tuned; wenzelm parents: 71269 diff changeset	189	Isabelle_System.chmod("755", command)
3184dbad4d7d tuned; wenzelm parents: 71269 diff changeset	190	Isabelle_System.chown("root:root", command)
3184dbad4d7d tuned; wenzelm parents: 71269 diff changeset	191	command
3184dbad4d7d tuned; wenzelm parents: 71269 diff changeset	192	}
3184dbad4d7d tuned; wenzelm parents: 71269 diff changeset	193
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	194	def mercurial_setup(mercurial_source: String, progress: Progress = No_Progress)
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	195	{
71281 5b3a813853bb tuned message; wenzelm parents: 71280 diff changeset	196	progress.echo("\nMercurial installation from source " + quote(mercurial_source) + " ...")
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	197	Isabelle_System.with_tmp_dir("mercurial")(tmp_dir =>
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	198	{
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	199	val archive =
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	200	if (Url.is_wellformed(mercurial_source)) {
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	201	val archive = tmp_dir + Path.basic("mercurial.tar.gz")
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	202	Bytes.write(archive, Url.read_bytes(Url(mercurial_source)))
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	203	archive
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	204	}
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	205	else Path.explode(mercurial_source)
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	206
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	207	Isabelle_System.gnutar("-xzf " + File.bash_path(archive), dir = tmp_dir).check
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	208
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	209	File.read_dir(tmp_dir).filter(name => (tmp_dir + Path.basic(name)).is_dir) match {
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	210	case List(dir) =>
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	211	val build_dir = tmp_dir + Path.basic(dir)
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	212	progress.bash("make all && make install", cwd = build_dir.file, echo = true).check
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	213	case dirs =>
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	214	error("Bad archive " + archive +
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	215	(if (dirs.isEmpty) "" else "\nmultiple directory entries " + commas_quote(dirs)))
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	216	}
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	217	})
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	218	}
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	219
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	220	def phabricator_setup(
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	221	name: String = default_name,
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	222	root: String = "",
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	223	repo: String = "",
71047 87c132cf5860 more options; wenzelm parents: 70970 diff changeset	224	package_update: Boolean = false,
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	225	mercurial_source: String = "",
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	226	progress: Progress = No_Progress)
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	227	{
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	228	/* system environment */
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	229
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	230	Linux.check_system_root()
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	231
71079 e06852132c1d tuned messages; wenzelm parents: 71078 diff changeset	232	progress.echo("System packages ...")
e06852132c1d tuned messages; wenzelm parents: 71078 diff changeset	233
71047 87c132cf5860 more options; wenzelm parents: 70970 diff changeset	234	if (package_update) {
87c132cf5860 more options; wenzelm parents: 70970 diff changeset	235	Linux.package_update(progress = progress)
87c132cf5860 more options; wenzelm parents: 70970 diff changeset	236	Linux.check_reboot_required()
87c132cf5860 more options; wenzelm parents: 70970 diff changeset	237	}
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	238
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	239	Linux.package_install(packages, progress = progress)
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	240	Linux.check_reboot_required()
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	241
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	242
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	243	if (mercurial_source.nonEmpty) {
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	244	for { name <- List("mercurial", "mercurial-common") if Linux.package_installed(name) } {
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	245	error("Cannot install Mercurial from source:" +
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	246	"package package " + quote(name) + " already installed")
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	247	}
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	248	mercurial_setup(mercurial_source, progress = progress)
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	249	}
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	250
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	251
71049 f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	252	/* users */
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	253
71125 beb781551a66 more sanity checks; wenzelm parents: 71124 diff changeset	254	if (name.contains((c: Char) => !(Symbol.is_ascii_letter(c) \|\| Symbol.is_ascii_digit(c))) \|\|
71269 7df5c110a43c support database dump; wenzelm parents: 71268 diff changeset	255	Set("", "ssh", "phd", "dump", daemon_user).contains(name)) {
71125 beb781551a66 more sanity checks; wenzelm parents: 71124 diff changeset	256	error("Bad installation name: " + quote(name))
71049 f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	257	}
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	258
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	259	user_setup(daemon_user, "Phabricator Daemon User", ssh_setup = true)
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	260	user_setup(name, "Phabricator SSH User")
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	261
f4b9dd5ab0cc more phabricator setup; wenzelm parents: 71047 diff changeset	262
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	263	/* basic installation */
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	264
71079 e06852132c1d tuned messages; wenzelm parents: 71078 diff changeset	265	progress.echo("\nPhabricator installation ...")
71076 8ac137c65776 tuned messages; wenzelm parents: 71075 diff changeset	266
71068 510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	267	val root_path = if (root.nonEmpty) Path.explode(root) else default_root(name)
510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	268	val repo_path = if (repo.nonEmpty) Path.explode(repo) else default_repo(name)
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	269
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	270	val configs = read_config()
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	271
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	272	for (config <- configs if config.name == name) {
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	273	error("Duplicate Phabricator installation " + quote(name) + " in " + config.root)
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	274	}
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	275
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	276	if (!Isabelle_System.bash("mkdir -p " + File.bash_path(root_path)).ok) {
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	277	error("Failed to create root directory " + root_path)
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	278	}
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	279
71116 aa1338a778c1 tuned; wenzelm parents: 71115 diff changeset	280	Isabelle_System.chown(Bash.string(www_user) + ":" + Bash.string(www_user), root_path)
aa1338a778c1 tuned; wenzelm parents: 71115 diff changeset	281	Isabelle_System.chmod("755", root_path)
aa1338a778c1 tuned; wenzelm parents: 71115 diff changeset	282
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	283	progress.bash(cwd = root_path.file, echo = true,
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	284	script = """
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	285	set -e
71126 18f87bdbc812 tuned message; wenzelm parents: 71125 diff changeset	286	echo "Cloning distribution repositories:"
71283 cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	287	git clone --branch stable https://github.com/phacility/libphutil.git
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	288	git clone --branch stable https://github.com/phacility/arcanist.git
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	289	git clone --branch stable https://github.com/phacility/phabricator.git
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	290	""").check
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	291
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	292	val config = Config(name, root_path)
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	293	write_config(configs ::: List(config))
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	294
71051 4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	295	config.execute("config set pygments.enabled true")
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	296
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	297
71050 8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	298	/* local repository directory */
8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	299
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	300	progress.echo("\nRepository hosting setup ...")
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	301
71050 8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	302	if (!Isabelle_System.bash("mkdir -p " + File.bash_path(repo_path)).ok) {
8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	303	error("Failed to create local repository directory " + repo_path)
8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	304	}
8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	305
71114 6cfec8029831 clarified signature; wenzelm parents: 71112 diff changeset	306	Isabelle_System.chown(
6cfec8029831 clarified signature; wenzelm parents: 71112 diff changeset	307	"-R " + Bash.string(daemon_user) + ":" + Bash.string(daemon_user), repo_path)
6cfec8029831 clarified signature; wenzelm parents: 71112 diff changeset	308	Isabelle_System.chmod("755", repo_path)
71050 8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	309
8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	310	config.execute("config set repository.default-local-path " + File.bash_path(repo_path))
8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	311
8198ceef0301 more phabricator setup; wenzelm parents: 71049 diff changeset	312
71277 74cabc06cf2d proper support for multiple installations; wenzelm parents: 71276 diff changeset	313	val sudoers_file =
74cabc06cf2d proper support for multiple installations; wenzelm parents: 71276 diff changeset	314	Path.explode("/etc/sudoers.d") + Path.basic(isabelle_phabricator_name(name = name))
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	315	File.write(sudoers_file,
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	316	www_user + " ALL=(" + daemon_user + ") SETENV: NOPASSWD: /usr/bin/git, /usr/local/bin/hg, /usr/bin/hg, /usr/bin/ssh, /usr/bin/id\n" +
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	317	name + " ALL=(" + daemon_user + ") SETENV: NOPASSWD: /usr/bin/git, /usr/bin/git-upload-pack, /usr/bin/git-receive-pack, /usr/local/bin/hg, /usr/bin/hg, /usr/bin/svnserve, /usr/bin/ssh, /usr/bin/id\n")
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	318
71115 3199c08e6413 tuned; wenzelm parents: 71114 diff changeset	319	Isabelle_System.chmod("440", sudoers_file)
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	320
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	321	config.execute("config set diffusion.ssh-user " + Bash.string(config.name))
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	322
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	323
70969 a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	324	/* MySQL setup */
a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	325
71079 e06852132c1d tuned messages; wenzelm parents: 71078 diff changeset	326	progress.echo("\nMySQL setup ...")
70969 a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	327
71055 27a998cdc0f4 back to plain name, to have it accepted my mysql; wenzelm parents: 71054 diff changeset	328	File.write(Path.explode("/etc/mysql/mysql.conf.d/" + phabricator_name(ext = "cnf")),
71051 4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	329	"""[mysqld]
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	330	max_allowed_packet = 32M
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	331	innodb_buffer_pool_size = 1600M
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	332	local_infile = 0
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	333	""")
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	334
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	335	Linux.service_restart("mysql")
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	336
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	337
71266 8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	338	def mysql_conf(R: Regex, which: String): String =
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	339	{
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	340	val conf = Path.explode("/etc/mysql/debian.cnf")
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	341	split_lines(File.read(conf)).collectFirst({ case R(a) => a }) match {
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	342	case Some(res) => res
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	343	case None => error("Cannot determine " + which + " from " + conf)
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	344	}
70969 a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	345	}
a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	346
71266 8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	347	val mysql_root_user = mysql_conf("""^user\s=\s(\S)\s$""".r, "superuser name")
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	348	val mysql_root_password = mysql_conf("""^password\s=\s(\S)\s$""".r, "superuser password")
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	349
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	350	val mysql_name = phabricator_name(name = name).replace("-", "_")
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	351	val mysql_user_string = SQL.string(mysql_name) + "@'localhost'"
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	352	val mysql_password = Linux.generate_password()
70969 a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	353
71266 8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	354	Isabelle_System.bash("mysql --user=" + Bash.string(mysql_root_user) +
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	355	" --password=" + Bash.string(mysql_root_password) + " --execute=" +
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	356	Bash.string(
71274 5212ca49598a more robust; wenzelm parents: 71273 diff changeset	357	"""DROP USER IF EXISTS """ + mysql_user_string + "; " +
5212ca49598a more robust; wenzelm parents: 71273 diff changeset	358	"""CREATE USER """ + mysql_user_string +
71266 8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	359	""" IDENTIFIED BY """ + SQL.string(mysql_password) + """ PASSWORD EXPIRE NEVER; """ +
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	360	"""GRANT ALL ON `""" + (mysql_name + "_%").replace("_", "\\_") +
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	361	"""`.* TO """ + mysql_user_string + ";")).check
70969 a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	362
71266 8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	363	config.execute("config set mysql.user " + Bash.string(mysql_name))
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	364	config.execute("config set mysql.pass " + Bash.string(mysql_password))
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	365
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	366	config.execute("config set phabricator.cache-namespace " + Bash.string(mysql_name))
8451c86ffa85 proper mysql user setup: avoid superuser powers in production; wenzelm parents: 71265 diff changeset	367	config.execute("config set storage.default-namespace " + Bash.string(mysql_name))
71051 4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	368	config.execute("config set storage.mysql-engine.max-size 8388608")
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	369
71102 3d228a3a88e0 tuned; wenzelm parents: 71101 diff changeset	370	progress.bash("bin/storage upgrade --force", cwd = config.home.file, echo = true).check
70969 a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	371
a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	372
71269 7df5c110a43c support database dump; wenzelm parents: 71268 diff changeset	373	/* database dump */
7df5c110a43c support database dump; wenzelm parents: 71268 diff changeset	374
7df5c110a43c support database dump; wenzelm parents: 71268 diff changeset	375	val dump_name = isabelle_phabricator_name(name = "dump")
71282 de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	376	command_setup(dump_name, body =
71269 7df5c110a43c support database dump; wenzelm parents: 71268 diff changeset	377	"""mkdir -p "$ROOT/database" && chown root:root "$ROOT/database" && chmod 700 "$ROOT/database"
7df5c110a43c support database dump; wenzelm parents: 71268 diff changeset	378	[ -e "$ROOT/database/dump.sql.gz" ] && mv -f "$ROOT/database/dump.sql.gz" "$ROOT/database/dump-old.sql.gz"
7df5c110a43c support database dump; wenzelm parents: 71268 diff changeset	379	echo "Creating $ROOT/database/dump.sql.gz"
71270 3184dbad4d7d tuned; wenzelm parents: 71269 diff changeset	380	"$ROOT/phabricator/bin/storage" dump --compress --output "$ROOT/database/dump.sql.gz" 2>&1 \| fgrep -v '[Warning] Using a password on the command line interface can be insecure' """)
71269 7df5c110a43c support database dump; wenzelm parents: 71268 diff changeset	381
7df5c110a43c support database dump; wenzelm parents: 71268 diff changeset	382
71283 cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	383	/* Phabricator upgrade */
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	384
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	385	command_setup(isabelle_phabricator_name(name = "upgrade"),
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	386	init =
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	387	"""BRANCH="${1:stable}"
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	388	if [ "$BRANCH" != "master" -a "$BRANCH" != "stable" ]
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	389	then
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	390	echo "Bad branch: \"$BRANCH\""
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	391	exit 1
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	392	fi
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	393
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	394	systemctl stop isabelle-phabricator-phd
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	395	systemctl stop apache2
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	396	""",
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	397	body =
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	398	"""echo -e "\nUpgrading phabricator \"$NAME\" root \"$ROOT\" ..."
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	399	for REPO in libphutil arcanist phabricator
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	400	do
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	401	cd "$ROOT/$REPO"
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	402	echo -e "\nUpdating \"$REPO\" ..."
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	403	git checkout "$BRANCH"
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	404	git pull
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	405	done
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	406	echo -e "\nUpgrading storage ..."
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	407	"$ROOT/phabricator/bin/storage" upgrade --force
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	408	""",
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	409	exit =
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	410	"""systemctl start apache2
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	411	systemctl start isabelle-phabricator-phd""")
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	412
cfcc1a2233ca support for Phabricator upgrade; wenzelm parents: 71282 diff changeset	413
71051 4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	414	/* PHP setup */
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	415
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	416	val php_version =
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	417	Isabelle_System.bash("""php --run 'echo PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION;'""")
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	418	.check.out
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	419
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	420	val php_conf =
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	421	Path.explode("/etc/php") + Path.basic(php_version) + // educated guess
71052 6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	422	Path.explode("apache2/conf.d") +
6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	423	Path.basic(isabelle_phabricator_name(ext = "ini"))
71051 4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	424
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	425	File.write(php_conf,
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	426	"post_max_size = 32M\n" +
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	427	"opcache.validate_timestamps = 0\n" +
71129 557703db74c3 tuned PHP setup; wenzelm parents: 71128 diff changeset	428	"memory_limit = 512M\n" +
557703db74c3 tuned PHP setup; wenzelm parents: 71128 diff changeset	429	"max_execution_time = 120\n")
71051 4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	430
4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	431
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	432	/* Apache setup */
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	433
71079 e06852132c1d tuned messages; wenzelm parents: 71078 diff changeset	434	progress.echo("Apache setup ...")
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	435
71068 510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	436	val apache_root = Path.explode("/etc/apache2")
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	437	val apache_sites = apache_root + Path.explode("sites-available")
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	438
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	439	if (!apache_sites.is_dir) error("Bad Apache sites directory " + apache_sites)
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	440
71058 6ca9e8377613 proper names for multiple installations; wenzelm parents: 71057 diff changeset	441	val server_name = phabricator_name(name = name, ext = "lvh.me") // alias for "localhost" for testing
71052 6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	442	val server_url = "http://" + server_name
6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	443
71058 6ca9e8377613 proper names for multiple installations; wenzelm parents: 71057 diff changeset	444	File.write(apache_sites + Path.basic(isabelle_phabricator_name(name = name, ext = "conf")),
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	445	"""<VirtualHost *:80>
71052 6bf53035baf0 clarified name prefixes: global config always uses "isabelle-phabricator"; wenzelm parents: 71051 diff changeset	446	ServerName """ + server_name + """
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	447	ServerAdmin webmaster@localhost
70969 a48112873f81 MySQL setup; wenzelm parents: 70968 diff changeset	448	DocumentRoot """ + config.home.implode + """/webroot
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	449
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	450	ErrorLog ${APACHE_LOG_DIR}/error.log
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	451	RewriteEngine on
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	452	RewriteRule ^(.*)$ /index.php?__path__=$1 [B,L,QSA]
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	453	</VirtualHost>
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	454
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	455	# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	456	""")
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	457
71051 4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	458	Isabelle_System.bash( """
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	459	set -e
46847076477c Apache setup; wenzelm parents: 70967 diff changeset	460	a2enmod rewrite
71058 6ca9e8377613 proper names for multiple installations; wenzelm parents: 71057 diff changeset	461	a2ensite """ + Bash.string(isabelle_phabricator_name(name = name))).check
71051 4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	462
71057 2965304143d8 more phabricator setup; wenzelm parents: 71056 diff changeset	463	config.execute("config set phabricator.base-uri " + Bash.string(server_url))
2965304143d8 more phabricator setup; wenzelm parents: 71056 diff changeset	464
71051 4eeff87c5072 more phabricator setup; wenzelm parents: 71050 diff changeset	465	Linux.service_restart("apache2")
70968 46847076477c Apache setup; wenzelm parents: 70967 diff changeset	466
71128 f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	467	progress.echo("\nWeb configuration via " + server_url)
f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	468
71053 ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	469
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	470	/* PHP daemon */
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	471
71128 f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	472	progress.echo("\nPHP daemon setup ...")
71053 ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	473
71273 6b8cbdc9713b more robust; wenzelm parents: 71270 diff changeset	474	val phd_log_path = Path.explode("/var/tmp/phd")
6b8cbdc9713b more robust; wenzelm parents: 71270 diff changeset	475	Isabelle_System.mkdirs(phd_log_path)
6b8cbdc9713b more robust; wenzelm parents: 71270 diff changeset	476	Isabelle_System.chown(
6b8cbdc9713b more robust; wenzelm parents: 71270 diff changeset	477	"-R " + Bash.string(daemon_user) + ":" + Bash.string(daemon_user), phd_log_path)
6b8cbdc9713b more robust; wenzelm parents: 71270 diff changeset	478	Isabelle_System.chmod("755", phd_log_path)
6b8cbdc9713b more robust; wenzelm parents: 71270 diff changeset	479
71053 ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	480	config.execute("config set phd.user " + Bash.string(daemon_user))
71112 eed5b6188371 more support for multiple daemons; wenzelm parents: 71111 diff changeset	481	config.execute("config set phd.log-directory /var/tmp/phd/" +
eed5b6188371 more support for multiple daemons; wenzelm parents: 71111 diff changeset	482	isabelle_phabricator_name(name = name) + "/log")
71053 ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	483
71124 7dbadecdc118 just one isabelle-phabricator-phd service, which manages all processes uniformly (NB: "bin/phd stop" affects all installations); wenzelm parents: 71122 diff changeset	484	val phd_name = isabelle_phabricator_name(name = "phd")
71127 0ad53b5f2bb1 more robust; wenzelm parents: 71126 diff changeset	485	Linux.service_shutdown(phd_name)
71282 de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	486	val phd_command = command_setup(phd_name, body = """"$ROOT/phabricator/bin/phd" "$@" """)
71128 f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	487	try {
f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	488	Linux.service_install(phd_name,
71053 ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	489	"""[Unit]
71124 7dbadecdc118 just one isabelle-phabricator-phd service, which manages all processes uniformly (NB: "bin/phd stop" affects all installations); wenzelm parents: 71122 diff changeset	490	Description=PHP daemon manager for Isabelle/Phabricator
71053 ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	491	After=syslog.target network.target apache2.service mysql.service
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	492
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	493	[Service]
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	494	Type=oneshot
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	495	User=""" + daemon_user + """
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	496	Group=""" + daemon_user + """
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	497	Environment=PATH=/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin
71124 7dbadecdc118 just one isabelle-phabricator-phd service, which manages all processes uniformly (NB: "bin/phd stop" affects all installations); wenzelm parents: 71122 diff changeset	498	ExecStart=""" + phd_command.implode + """ start --force
7dbadecdc118 just one isabelle-phabricator-phd service, which manages all processes uniformly (NB: "bin/phd stop" affects all installations); wenzelm parents: 71122 diff changeset	499	ExecStop=""" + phd_command.implode + """ stop
71053 ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	500	RemainAfterExit=yes
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	501
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	502	[Install]
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	503	WantedBy=multi-user.target
ba14aa0b5a5d more robust: install PHP daemon after Apache; wenzelm parents: 71052 diff changeset	504	""")
71128 f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	505	}
f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	506	catch {
f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	507	case ERROR(msg) =>
f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	508	progress.bash("bin/phd status", cwd = config.home.file, echo = true).check
f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	509	error(msg)
f79006c533b0 clarified errors: PHP daemon can fail under odd circumstances; wenzelm parents: 71127 diff changeset	510	}
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	511	}
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	512
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	513
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	514	/* Isabelle tool wrapper */
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	515
71097 d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	516	val isabelle_tool2 =
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	517	Isabelle_Tool("phabricator_setup", "setup Phabricator server on Ubuntu Linux", args =>
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	518	{
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	519	var mercurial_source = ""
71047 87c132cf5860 more options; wenzelm parents: 70970 diff changeset	520	var repo = ""
87c132cf5860 more options; wenzelm parents: 70970 diff changeset	521	var package_update = false
71078 5bb2235d843d clarified command-line; wenzelm parents: 71077 diff changeset	522	var name = default_name
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	523	var root = ""
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	524
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	525	val getopts =
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	526	Getopts("""
71078 5bb2235d843d clarified command-line; wenzelm parents: 71077 diff changeset	527	Usage: isabelle phabricator_setup [OPTIONS]
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	528
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	529	Options are:
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	530	-M SOURCE install Mercurial from source: local PATH, or URL, or ":" for
5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	531	""" + standard_mercurial_source + """
71068 510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	532	-R DIR repository directory (default: """ + default_repo("NAME") + """)
71047 87c132cf5860 more options; wenzelm parents: 70970 diff changeset	533	-U full update of system packages before installation
71078 5bb2235d843d clarified command-line; wenzelm parents: 71077 diff changeset	534	-n NAME Phabricator installation name (default: """ + quote(default_name) + """)
71068 510b89906d86 discontinued somewhat pointless Isabelle options: setup implicitly assumes Ubuntu 18.04; wenzelm parents: 71066 diff changeset	535	-r DIR installation root directory (default: """ + default_root("NAME") + """)
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	536
71103 c073c4e79518 more documentation; wenzelm parents: 71102 diff changeset	537	Install Phabricator as LAMP application (Linux, Apache, MySQL, PHP).
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	538
71078 5bb2235d843d clarified command-line; wenzelm parents: 71077 diff changeset	539	The installation name (default: """ + quote(default_name) + """) is mapped to a regular
5bb2235d843d clarified command-line; wenzelm parents: 71077 diff changeset	540	Unix user; this is relevant for public SSH access.
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	541	""",
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	542	"M:" -> (arg => mercurial_source = (if (arg == ":") standard_mercurial_source else arg)),
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	543	"R:" -> (arg => repo = arg),
71047 87c132cf5860 more options; wenzelm parents: 70970 diff changeset	544	"U" -> (_ => package_update = true),
71078 5bb2235d843d clarified command-line; wenzelm parents: 71077 diff changeset	545	"n:" -> (arg => name = arg),
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	546	"r:" -> (arg => root = arg))
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	547
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	548	val more_args = getopts(args)
71078 5bb2235d843d clarified command-line; wenzelm parents: 71077 diff changeset	549	if (more_args.nonEmpty) getopts.usage()
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	550
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	551	val progress = new Console_Progress
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	552
71268 e2fb60756fb8 proper check of Linux version; wenzelm parents: 71266 diff changeset	553	val release = Linux.Release()
e2fb60756fb8 proper check of Linux version; wenzelm parents: 71266 diff changeset	554	if (!release.is_ubuntu_18_04) error("Bad Linux version: Ubuntu 18.04 LTS required")
e2fb60756fb8 proper check of Linux version; wenzelm parents: 71266 diff changeset	555
71078 5bb2235d843d clarified command-line; wenzelm parents: 71077 diff changeset	556	phabricator_setup(name = name, root = root, repo = repo,
71280 5a2033fc8f3d avoid odd (harmless) problem with Mercurial 4.5.3 provided by Ubuntu 18.04 on first push: "couldn't write revision branch cache names"; wenzelm parents: 71277 diff changeset	557	package_update = package_update, mercurial_source = mercurial_source, progress = progress)
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	558	})
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	559
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	560
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	561
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	562	/ setup mail /
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	563
71072 22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	564	val mailers_template: String =
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	565	"""[
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	566	{
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	567	"key": "example.org",
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	568	"type": "smtp",
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	569	"options": {
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	570	"host": "mail.example.org",
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	571	"port": 465,
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	572	"user": "phabricator@example.org",
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	573	"password": "********",
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	574	"protocol": "ssl",
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	575	"message-id": true
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	576	}
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	577	}
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	578	]"""
22fcdadc404d tuned; wenzelm parents: 71071 diff changeset	579
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	580	def phabricator_setup_mail(
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	581	name: String = default_name,
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	582	config_file: Option[Path] = None,
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	583	test_user: String = "",
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	584	progress: Progress = No_Progress)
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	585	{
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	586	Linux.check_system_root()
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	587
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	588	val config = get_config(name)
71073 d61fd7aade69 clarified directory; wenzelm parents: 71072 diff changeset	589	val default_config_file = config.root + default_mailers
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	590
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	591	val mail_config = config_file getOrElse default_config_file
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	592
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	593	def setup_mail
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	594	{
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	595	progress.echo("Using mail configuration from " + mail_config)
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	596	config.execute("config set cluster.mailers --stdin < " + File.bash_path(mail_config))
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	597
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	598	if (test_user.nonEmpty) {
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	599	progress.echo("Sending test mail to " + quote(test_user))
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	600	progress.bash(cwd = config.home.file, echo = true,
71102 3d228a3a88e0 tuned; wenzelm parents: 71101 diff changeset	601	script = """echo "Test from Phabricator ($(date))" \| bin/mail send-test --subject "Test" --to """ +
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	602	Bash.string(test_user)).check
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	603	}
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	604	}
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	605
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	606	if (config_file.isEmpty) {
71070 79b89278b825 clarified permissions; wenzelm parents: 71068 diff changeset	607	if (!default_config_file.is_file) {
79b89278b825 clarified permissions; wenzelm parents: 71068 diff changeset	608	File.write(default_config_file, mailers_template)
71114 6cfec8029831 clarified signature; wenzelm parents: 71112 diff changeset	609	Isabelle_System.chmod("600", default_config_file)
71070 79b89278b825 clarified permissions; wenzelm parents: 71068 diff changeset	610	}
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	611	if (File.read(default_config_file) == mailers_template) {
71131 1579a9160c7f misc tuning and clarification; wenzelm parents: 71129 diff changeset	612	progress.echo("Please invoke the tool again, after providing details in\n " +
1579a9160c7f misc tuning and clarification; wenzelm parents: 71129 diff changeset	613	default_config_file.implode + "\n")
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	614	}
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	615	else setup_mail
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	616	}
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	617	else setup_mail
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	618	}
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	619
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	620
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	621	/* Isabelle tool wrapper */
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	622
71097 d3ededaa77b3 added "isabelle phabricator"; wenzelm parents: 71079 diff changeset	623	val isabelle_tool3 =
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	624	Isabelle_Tool("phabricator_setup_mail",
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	625	"setup mail for one Phabricator installation", args =>
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	626	{
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	627	var test_user = ""
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	628	var name = default_name
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	629	var config_file: Option[Path] = None
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	630
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	631	val getopts =
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	632	Getopts("""
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	633	Usage: isabelle phabricator_setup_mail [OPTIONS]
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	634
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	635	Options are:
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	636	-T USER send test mail to Phabricator user
71103 c073c4e79518 more documentation; wenzelm parents: 71102 diff changeset	637	-f FILE config file (default: """ + default_mailers + """ within Phabricator root)
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	638	-n NAME Phabricator installation name (default: """ + quote(default_name) + """)
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	639
71077 41b6ca223500 tuned messages; wenzelm parents: 71076 diff changeset	640	Provide mail configuration for existing Phabricator installation.
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	641	""",
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	642	"T:" -> (arg => test_user = arg),
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	643	"f:" -> (arg => config_file = Some(Path.explode(arg))),
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	644	"n:" -> (arg => name = arg))
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	645
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	646	val more_args = getopts(args)
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	647	if (more_args.nonEmpty) getopts.usage()
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	648
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	649	val progress = new Console_Progress
79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	650
71066 114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	651	phabricator_setup_mail(name = name, config_file = config_file,
114db2b5a5f8 support for Phabricator mail configuration; wenzelm parents: 71058 diff changeset	652	test_user = test_user, progress = progress)
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	653	})
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	654
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	655
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	656
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	657	/ setup ssh /
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	658
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	659	/* sshd config */
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	660
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	661	private val Port = """^\sPort\s+(\d+)\s$""".r
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	662	private val No_Port = """^#\sPort\b.$""".r
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	663	private val Any_Port = """^#?\sPort\b.$""".r
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	664
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	665	def conf_ssh_port(port: Int): String =
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	666	if (port == 22) "#Port 22" else "Port " + port
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	667
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	668	def read_ssh_port(conf: Path): Int =
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	669	{
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	670	val lines = split_lines(File.read(conf))
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	671	val ports =
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	672	lines.flatMap({
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	673	case Port(Value.Int(p)) => Some(p)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	674	case No_Port() => Some(22)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	675	case _ => None
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	676	})
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	677	ports match {
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	678	case List(port) => port
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	679	case Nil => error("Missing Port specification in " + conf)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	680	case _ => error("Multiple Port specifications in " + conf)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	681	}
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	682	}
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	683
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	684	def write_ssh_port(conf: Path, port: Int): Boolean =
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	685	{
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	686	val old_port = read_ssh_port(conf)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	687	if (old_port == port) false
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	688	else {
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	689	val lines = split_lines(File.read(conf))
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	690	val lines1 = lines.map({ case Any_Port() => conf_ssh_port(port) case line => line })
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	691	File.write(conf, cat_lines(lines1))
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	692	true
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	693	}
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	694	}
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	695
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	696
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	697	/* phabricator_setup_ssh */
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	698
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	699	def phabricator_setup_ssh(
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	700	server_port: Int = default_server_port,
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	701	system_port: Int = default_system_port,
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	702	test_server: Boolean = false,
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	703	progress: Progress = No_Progress)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	704	{
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	705	Linux.check_system_root()
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	706
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	707	val configs = read_config()
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	708
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	709	if (server_port == system_port) {
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	710	error("Port for Phabricator sshd coincides with system port: " + system_port)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	711	}
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	712
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	713	val sshd_conf_system = Path.explode("/etc/ssh/sshd_config")
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	714	val sshd_conf_server = sshd_conf_system.ext(isabelle_phabricator_name())
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	715
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	716	val ssh_name = isabelle_phabricator_name(name = "ssh")
71111 cd166c3904dd more robust: system ssh service is required for Phabricator ssh service; wenzelm parents: 71109 diff changeset	717	Linux.service_shutdown(ssh_name)
cd166c3904dd more robust: system ssh service is required for Phabricator ssh service; wenzelm parents: 71109 diff changeset	718
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	719	val old_system_port = read_ssh_port(sshd_conf_system)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	720	if (old_system_port != system_port) {
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	721	progress.echo("Reconfigurig system ssh service")
71111 cd166c3904dd more robust: system ssh service is required for Phabricator ssh service; wenzelm parents: 71109 diff changeset	722	Linux.service_shutdown("ssh")
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	723	write_ssh_port(sshd_conf_system, system_port)
71111 cd166c3904dd more robust: system ssh service is required for Phabricator ssh service; wenzelm parents: 71109 diff changeset	724	Linux.service_start("ssh")
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	725	}
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	726
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	727	progress.echo("Configuring " + ssh_name + " service")
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	728
71282 de59dd86760f tuned signature; wenzelm parents: 71281 diff changeset	729	val ssh_command = command_setup(ssh_name, body =
71122 730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	730	"""if [ "$1" = "$NAME" ]
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	731	then
730090397e0d clarified signature; wenzelm parents: 71116 diff changeset	732	exec "$ROOT/phabricator/bin/ssh-auth" "$@"
71270 3184dbad4d7d tuned; wenzelm parents: 71269 diff changeset	733	fi""", exit = "exit 1")
71109 8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	734
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	735	File.write(sshd_conf_server,
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	736	"""# OpenBSD Secure Shell server for Isabelle/Phabricator
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	737	AuthorizedKeysCommand """ + ssh_command.implode + """
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	738	AuthorizedKeysCommandUser """ + daemon_user + """
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	739	AuthorizedKeysFile none
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	740	AllowUsers """ + configs.map(_.name).mkString(" ") + """
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	741	Port """ + server_port + """
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	742	Protocol 2
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	743	PermitRootLogin no
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	744	AllowAgentForwarding no
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	745	AllowTcpForwarding no
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	746	PrintMotd no
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	747	PrintLastLog no
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	748	PasswordAuthentication no
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	749	ChallengeResponseAuthentication no
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	750	PidFile /var/run/""" + ssh_name + """.pid
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	751	""")
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	752
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	753	Linux.service_install(ssh_name,
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	754	"""[Unit]
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	755	Description=OpenBSD Secure Shell server for Isabelle/Phabricator
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	756	After=network.target auditd.service
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	757	ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	758
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	759	[Service]
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	760	EnvironmentFile=-/etc/default/ssh
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	761	ExecStartPre=/usr/sbin/sshd -f """ + sshd_conf_server.implode + """ -t
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	762	ExecStart=/usr/sbin/sshd -f """ + sshd_conf_server.implode + """ -D $SSHD_OPTS
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	763	ExecReload=/usr/sbin/sshd -f """ + sshd_conf_server.implode + """ -t
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	764	ExecReload=/bin/kill -HUP $MAINPID
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	765	KillMode=process
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	766	Restart=on-failure
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	767	RestartPreventExitStatus=255
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	768	Type=notify
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	769	RuntimeDirectory=sshd-phabricator
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	770	RuntimeDirectoryMode=0755
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	771
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	772	[Install]
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	773	WantedBy=multi-user.target
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	774	Alias=""" + ssh_name + """.service
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	775	""")
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	776
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	777	for (config <- configs) {
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	778	progress.echo("phabricator " + quote(config.name) + " port " + server_port)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	779	config.execute("config set diffusion.ssh-port " + Bash.string(server_port.toString))
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	780
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	781	if (test_server) {
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	782	progress.bash(
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	783	"""unset DISPLAY
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	784	echo "{}" \| ssh -p """ + Bash.string(server_port.toString) +
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	785	" -o StrictHostKeyChecking=false " +
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	786	Bash.string(config.name) + """@localhost conduit conduit.ping""").print
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	787	}
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	788	}
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	789	}
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	790
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	791
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	792	/* Isabelle tool wrapper */
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	793
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	794	val isabelle_tool4 =
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	795	Isabelle_Tool("phabricator_setup_ssh",
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	796	"setup ssh service for all Phabricator installations", args =>
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	797	{
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	798	var server_port = default_server_port
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	799	var system_port = default_system_port
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	800	var test_server = false
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	801
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	802	val getopts =
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	803	Getopts("""
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	804	Usage: isabelle phabricator_setup_ssh [OPTIONS]
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	805
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	806	Options are:
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	807	-p PORT sshd port for Phabricator servers (default: """ + default_server_port + """)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	808	-q PORT sshd port for the operating system (default: """ + default_system_port + """)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	809	-T test the ssh service for each Phabricator installation
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	810
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	811	Configure ssh service for all Phabricator installations: a separate sshd
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	812	is run in addition to the one of the operating system, and ports need to
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	813	be distinct.
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	814
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	815	A particular Phabricator installation is addressed by using its
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	816	name as the ssh user; the actual Phabricator user is determined via
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	817	stored ssh keys.
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	818	""",
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	819	"p:" -> (arg => server_port = Value.Int.parse(arg)),
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	820	"q:" -> (arg => system_port = Value.Int.parse(arg)),
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	821	"T" -> (_ => test_server = true))
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	822
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	823	val more_args = getopts(args)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	824	if (more_args.nonEmpty) getopts.usage()
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	825
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	826	val progress = new Console_Progress
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	827
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	828	phabricator_setup_ssh(
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	829	server_port = server_port, system_port = system_port, test_server = test_server,
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	830	progress = progress)
8c1c717a830b configure SSH hosting via "isabelle phabricator_setup_ssh"; wenzelm parents: 71103 diff changeset	831	})
70967 79736ffe77c3 some support for Phabricator server; wenzelm parents: diff changeset	832	}

author	wenzelm
	Mon, 16 Dec 2019 13:58:46 +0100
changeset 71283	cfcc1a2233ca
parent 71282	de59dd86760f
child 71284	49bc17bf4384
permissions	-rw-r--r--